摘要
随着信息技术的发展,轨道交通领域基于通信的列车控制信号系统(CBTC)、综合监控系统(ISCS)等与信息化深度融合,越来越多的系统、控制网络采用以太网协议,导致网络安全风险越来越高。针对轨道交通网络通信特点,提出了一种基于深度学习的轨道交通网络安全威胁多维度识别方法,全方位提取轨道交通网络专用协议网络流量的原始报文、网络日志和配置信息,并以提取到的信息作为输入量构建轨道交通网络攻击流量多维度深度学习识别模型,由此得到的轨道交通网络流量特征更加合理准确,在不影响目标网络正常业务运行的前提下,可以有效提升轨道交通网络攻击/异常流量识别的准确率。
With the development of information technology,communication based train control signal systems(CBTC)and integrated supervisory control systems(ISCS)in the field of rail transit are deeply integrated with information technology.More and more systems and control networks adopt Ethernet protocol,which leads to increasingly high network security risks.Aiming at the communication characteristics of rail transit networks,a multi-dimensional identification method is proposed for rail transit network security threats based on deep learning.The original packets,network logs,and configuration information of rail transit network dedicated protocol network traffic are comprehensively extracted,and a multi-dimensional deep learning identification model for rail transit network attack traffic is constructed by using the extracted information as the input.The obtained rail transit network traffic characteristics are more reasonable and accurate,and can effectively improve the accuracy of rail transit network attack/abnormal traffic identification without affecting the normal business operation of the target network.
作者
王进
董晓鲁
WANG Jin;DONG Xiaolu(Development Center(Information Center)of Ministry of Industry and Information Technology,Beijing 100846,China)
出处
《电子质量》
2024年第7期95-99,共5页
Electronics Quality
关键词
轨道交通网络安全
攻击识别
深度学习
多维度监测
rail transit network security
malicious detection
deep learning
multi-dimensional monitoring
