摘要
针对传统入侵检测方法无法有效处理工业控制系统(ICS)海量、高维的网络流量数据问题,提出了基于长短时记忆网络(LSTM)的工控入侵检测技术.首先,由于原始数据集存在数据样本不平衡问题,采用合成少数类过采样技术(SMOTE)对数据进行预处理.然后,通过固定其它参数不变而变化一种参数和交叉验证的方式选择相对最优的LSTM模型.最后,在工控网络标准数据集上将本文算法与传统入侵检测方法进行对比实验.结果表明,对预处理后数据,基于LSTM的工控入侵检测方法比传统方法具有更高的准确率.
We propose an industrial control system intrusion detection method based on long short term memory( LSTM) networks to handle massive,high-dimensional network traffic data samples in the industrial control system( ICS). Firstly,we employed the synthetic minority oversampling technique since the original data set has imbalanced samples. Then,we optimized the LSTM model the cross-validation method. Finally,a comparison experiment with the traditional intrusion detection method is investigated using the standard industrial data set. The results show that the LSTM-based intrusion detection method had a higher accuracy than the traditional method after data preprocessing.
作者
於帮兵
王华忠
颜秉勇
YU Bangbing;WANG Huazhong;YAN Bingyong(Key Laboratory of Advanced Control and Optimization for Chemical Processes, Ministry of Education, East China University of Science and Technology, Shanghai 200237, Chin)
出处
《信息与控制》
CSCD
北大核心
2018年第1期54-59,共6页
Information and Control
基金
国家自然科学基金青年基金资助项目(51407078)
关键词
工业控制系统
入侵检测
不平衡数据
深度学习
长短时记忆网络
industrial control system
intrusion detection
imbalanced data
deep learning
long short term memory
