[1]李 熠,李永忠.基于自编码器和极限学习机的工业控制网络入侵检测算法[J].南京理工大学学报(自然科学版),2019,43(04):408-413.[doi:10.14177/j.cnki.32-1397n.2019.43.04.005]
 Li Yi,Li Yongzhong.Intrusion detection algorithm for industrial control networksbased on auto-encoder and extreme learning machine[J].Journal of Nanjing University of Science and Technology,2019,43(04):408-413.[doi:10.14177/j.cnki.32-1397n.2019.43.04.005]
点击复制

基于自编码器和极限学习机的工业控制网络入侵检测算法()
分享到:

《南京理工大学学报》(自然科学版)[ISSN:1005-9830/CN:32-1397/N]

卷:
43卷
期数:
2019年04期
页码:
408-413
栏目:
出版日期:
2019-08-24

文章信息/Info

Title:
Intrusion detection algorithm for industrial control networksbased on auto-encoder and extreme learning machine
文章编号:
1005-9830(2019)04-0408-06
作者:
李 熠李永忠
江苏科技大学 计算机学院,江苏 镇江 212003
Author(s):
Li YiLi Yongzhong
School of Computer,Jiangsu University of Science and Technology,Zhenjiang 212003,China
关键词:
工控网络 入侵检测 自编码器 极限学习机
Keywords:
industrial control network intrusion detection auto-encoder extreme learning machine
分类号:
TP309
DOI:
10.14177/j.cnki.32-1397n.2019.43.04.005
摘要:
针对目前未知工业控制网络攻击检测方法处于初级阶段,浅层次的选取特征分类导致检测率较低的问题,提出一种稀疏自编码-极限学习机入侵检测模型。该文所提算法通过深度学习的稀疏自编码器在训练时结合编码层的系数惩罚和重构误差对高维数据进行特征提取,再运用极限学习机对提取的特征进行快速有效地精准分类,使用工控入侵检测标准数据集对算法准确性进行了验证,通过和不同类型的入侵检测模型进行比较。结果表明:该文方法可以有效提升入侵检测系统性能,符合工业控制入侵检测“高精度、低误报”的要求。
Abstract:
Aiming at the problem that the existing unknown industrial control network attack detection method is in the initial stage and the low-layer selection feature classification leads to low detection accuracy,a sparse auto-encoder-extreme learning machine intrusion detection model is proposed. The proposed algorithm uses the deep learning auto-encoder to combine the penalty parameter and reconstruction error of the encode layer to extract the features of high-dimensional data during the training stage,and then uses the extreme learning machine to quickly and effectively classify the extracted features. The accuracy of the algorithm is verified by the industrial control intrusion detection standard data set. Comparing with different types of intrusion detection methods,the experiment verify that the method can effectively improve the performance of the intrusion detection system and reduce the false alarm rate. It meets the requirements of“high accuracy and low false positive rate”for industrial control intrusion detection.

参考文献/References:

[1] 陶耀东,李宁,曾广圣. 工业控制系统安全综述[J]. 计算机工程与应用,2016,52(13):8-18.
Tao Yaodong,Li Ning,Zeng Guangsheng. Review of industrial control systems security[J]. Computer Engineering and Applications,2016,52(13):8-18.
[2]尚文利,安攀峰,万明,等. 工业控制系统入侵检测技术的研究及发展综述[J]. 计算机应用研究,2017,34(2):328-333,342.
Shang Wenli,An Panfeng,Wan Ming,et al. Research and development overview of intrusion detection technology in industrial control system[J]. Application Research of Computers,2017,34(2):328-333,342.
[3]尚文利,张盛山,万明,等. 基于PSO-SVM的Modbus TCP通讯的异常检测方法[J]. 电子学报,2014,42(11):2314-2320.
Shang Wenli,Zhang Shengshan,Wan Ming,et al. Modbus/TCP communication anomaly detection algorithm based on PSO-SVM[J]. Acta Electronica Sinica,2014,42(11):2314-2320.
[4]陈庄,黄勇,邹航. 基于离群点挖掘的工业控制系统异常检测[J]. 计算机科学,2014,41(5):178-181,203.
Chen Zhuang,Huang Yong,Zou Hang. Anomaly detection of industrial control system based on outlier mining[J]. Computer Science,2014,41(5):178-181,203.
[5]Beaver J M,Borges-Hink R C,Buckner M A. An evaluation of machine learning methods to detect malicious SCADA communications[C]//Proceedings of the 2013 12th International Conference on Machine Learning and Applications-Volume 02. New York,USA:IEEE,2013.
[6]张云贵,赵华,王丽娜. 基于工业控制模型的非参数CUSUM入侵检测方法[J]. 东南大学学报(自然科学版),2012,42(S1):55-59.
Zhang Yungui,Zhao Hua,Wang Lina. A non-parametric CUSUM intrusion detection method based on industrial control model[J]. Journal of Southeast University,2012,42(S1):55-59.
[7]高春梅. 基于工业控制网络的流量异常检测[D]. 北京:北京工业大学,2014.
[8]Hinton G E,Osindero S,Teh Y W. A fast learning algorithm for deep belief nets[J]. Neural Computation,2006,18(7):1527-1554.
[9]孙康,李千目,李德强. 基于级联卷积神经网络的人脸检测算法[J]. 南京理工大学学报,2018,42(1):40-47.
Sun Kang,Li Qianmu,Li Deqiang. Face detection algorithm based on cascaded convolutional neural network[J]. Journal of Nanjing University of Science and Technology. 2018,42(1):40-47.
[10]徐萍,吴超,胡峰俊,等. 基于迁移学习的个性化循环神经网络语言模型[J]. 南京理工大学学报,2018,42(4):401-408.
Xu Ping,Wu Chao,Hu Fengjun,et al. Personalized recurrent neural network language model based on transfer learning[J]. Journal of Nanjing University of Science and Technology,2018,42(1):40-47.
[11]Hinton G E,Salakhutdinov R. Reducing the dimensionality of data with neural networks[J]. Science,2006(313):504-507.
[12]袁非牛,章琳,史劲亭,等. 自编码神经网络理论及应用综述[J]. 计算机学报,2019,42(1):203-230.
Yuan Feiniu,Zhang Lin,Shi Jinting,et al. Theories and applications of auto-encoder neural networks:a literature survey[J]. Chinese Journal of Computers,2019,42(1):203-230.
[13]王声柱,李永忠. 基于深度学习和半监督学习的入侵检测算法[J]. 信息技术,2017(1):101-104,108.
Wang Shengzhu,Li Yongzhong. Intrusion detection algorithm based on deep learning and semi-supervised learning[J]. Information Technology,2017(1):101-104,108.
[14]Huang G B,Zhu Q Y,Siew C K. Extreme learning machine:Theory and applications[J]. Neu-rocomputing,2006,70(1-3):489-501.
[15]Morris T,Gao W. Industrial control system traffic data sets for intrusion detection research[C]//International Conference on Critical Infrastructure Protection. Berlin,Germany:Springer,2014.
[16]谢中华. Matlab统计分析与应用:40个案例分析[M]. 北京:北京航空航天大学出版社,2010.
[17]安琪. 基于深度置信网络的入侵检测研究[D]. 兰州:兰州大学,2016.
[18]于海宁. 基于MLP和Elman混合神经网络的入侵检测系统[D]. 哈尔滨:哈尔滨工业大学,2008.
[19]王华忠,杨智慧,颜秉勇,等. 融合PCA和PSO-SVM方法在工控入侵检测中的应用[J]. 科技通报,2017,33(1):80-85.
Wang Huazhong,Yang Zhihui,Yan Bingyong,et al. Application of fusion PCA and PSO-SVM method in industrial control intrusion detection[J]. Bulletin of Science and Technology,2017,33(1):80-85.

相似文献/References:

[1]钱玉文,王飞,孔建寿,等.基于模糊Petri网的协同入侵检测系统[J].南京理工大学学报(自然科学版),2008,(06):738.
 QIAN Yu-wen,WANG Fei,KONG Jian-shou,et al.Synergetic Intrusion Detection System Based on Fuzzy Petri Net[J].Journal of Nanjing University of Science and Technology,2008,(04):738.
[2]张琨,徐永红,王珩,等.基于免疫学的入侵检测系统模型[J].南京理工大学学报(自然科学版),2002,(04):337.
 ZhangKun XuYonghong WangHeng LiuFengyu.Model of Intrusion Detection System Based on Immunology[J].Journal of Nanjing University of Science and Technology,2002,(04):337.

备注/Memo

备注/Memo:
收稿日期:2019-04-15 修回日期:2019-05-30
作者简介:李熠(1994-),男,硕士生,主要研究方向:网络安全,E-mail:crush_lee121@163.com; 通讯作者:李永忠(1961-),男,教授,主要研究方向:网络安全,E-mail:liyongzhong61@163.com。
引文格式:李熠,李永忠. 基于自编码器和极限学习机的工业控制网络入侵检测算法[J]. 南京理工大学学报,2019,43(4):408-413.
投稿网址:http://zrxuebao.njust.edu.cn
更新日期/Last Update: 2019-09-30