摘要
造纸工控网络的数据特征具有复杂性和多样性,对于高隐蔽性入侵行为,其特征可能被混杂在正常操作和噪声中,增加了检测的难度。为此,提出基于最小二乘支持向量机的造纸工控网络高隐蔽性入侵检测方法。首先,使用CEEMD算法对网络数据进行分解,得到一系列固有模态分量(IMF),利用排列熵对IMF分量进行分析,确定高噪声IMF分量;使用小波降噪对高噪声IMF分量展开抗干扰处理。然后,使用互信息特征选择方法对抗干扰处理后的入侵数据进行特征提取。最后,将提取到的入侵数据特征作为输入数据,通过最小二乘支持向量机(LS-SVM)建立一个判别函数,该函数根据输入数据的特征值进行分类,并判断网络中是否存在高隐蔽性入侵行为。实验结果表明,所提方法最高入侵检测准确率达到0.98,Kappa统计量最大为0.99,表明所提方法的数据处理效果好、网络入侵检测精度高。
The data features of the paper industry control network are complex and diverse,and for highly covert intrusion behaviors,their features may be mixed in normal operation and noise,increasing the difficulty of detection.To this end,a highly covert intrusion detection method for paper industry control networks based on least squares support vector machines is proposed.Firstly,the CEEMD algorithm is used to decompose the network data to obtain a series of intrinsic mode components(IMF).The IMF components are analyzed using permutation entropy to determine the high noise IMF components;Using wavelet denoising to perform anti-interference processing on high noise IMF components.Then,Mutual information Feature selection method is used to extract features from intrusion data after anti-jamming.Finally,the extracted intrusion data features are used as input data,and a discriminant function is established using Least Squares Support Vector Machine(LS-SVM).This function classifies based on the feature values of the input data and determines whether there is a high level of covert intrusion behavior in the network.The experimental results show that the highest intrusion detection accuracy of the proposed method is 0.98,and the maximum Kappa statistic is 0.99,indicating that the proposed method has good data processing performance and high network intrusion detection accuracy.
作者
秦宁宁
QIN Ningning(Yulin National Open University,Yulin 719000,China)
出处
《造纸科学与技术》
2024年第1期42-47,共6页
Paper Science & Technology
基金
陕西广播电视大学一般科研项目(15D-04-B21)。
关键词
网络入侵检测
最小二乘支持向量机
小波阈值降噪
排列熵
互信息特征选择
network intrusion detection
least squares support vector machine
wavelet threshold denoising
permutation entropy
mutual information feature selection
