Multi-level adaptive coupled method for industrial control networks safety based on machine learning

Cited by: 7
Authors
Chen, Wanzhi [1]
Liu Tianjiao [1]
Tang Yu [1]
Xu Dongsheng [1]
Affiliations
[1] Liaoning Tech Univ, Huludao City 125105, Liaoning, Peoples R China
Keywords
Industrial control network safety; Intrusion detection; White list filtering; Machine learning; Multi-level adaptive coupled; K-MEANS; INTRUSION; ALGORITHM; ENSEMBLE
DOI
10.1016/j.ssci.2019.07.012
Chinese Library Classification number
T [Industrial Technology];
Subject classification code
08;
Abstract
In response to the low detection rate of traditional single-algorithm detection models on different types of attacks in industrial control network safety, a multi-level adaptive coupled method combining white list technology and machine learning was proposed. At the first level, the white list was used to filter the communication behaviors that could not match the rules; at the second level, a machine learning model was used to perform anomaly detection on the abnormal communication behaviors. In the machine learning process, the original dataset was first preprocessed by Principal Component Analysis (PCA). Then off-line data training was carried out by the adaptive coupled algorithm, and the classifier model was constructed. Finally, on-line anomaly detection was realized. The experimental results show that the proposed method significantly improved the detection rate compared with other algorithms.
Pages: 268 / 275
Page count: 8