Deep Learning Anomaly Detection Based on Hierarchical Status-Connection Features in Networked Control Systems
文献类型:期刊论文
| 作者 | Zhao JM(赵剑明)2,4,5,6 ; Zeng P(曾鹏)2,4,5,6; Chen CY(陈春雨)2,4,5,6; Dong, Zhiwei3; Han, Jongho1
|
| 刊名 | INTELLIGENT AUTOMATION AND SOFT COMPUTING
 |
| 出版日期 | 2021 |
| 卷号 | 30期号:1页码:337-350 |
| 关键词 | Deep learning anomaly detection networked control system CNN LSTM |
| ISSN号 | 1079-8587 |
| 产权排序 | 1 |
| 英文摘要 | As networked control systems continue to be widely used in large-scale industrial productions, industrial cyber-attacks have become an inevitable problem that can cause serious damage to critical infrastructures. In practice, industrial intrusion detection has been widely acknowledged to detect abnormal communication behaviors. However, unlike traditional IT systems, networked control systems have their own communication characteristics due to specific industrial communication protocols. Thus, simple cyber-attack modeling is inadequate and impractical for high-efficiency intrusion detection because the characteristics of network control systems are less considered. Based on the status information and transmission connection in industrial communication data payloads, which can properly express the characteristics of industrial control logic, this paper associates industrial communication features with transmission connection payload and status payload. Furthermore, transmission connection features include device address, context, time, and packet length, while status features cover measurement, input, distributed state, control state, and more. After designing a convolutional neural network (CNN) and a long short-term memory network (LSTM) to extract status features and transmission connection features from industrial communication data, this paper proposes a hierarchical deep learning anomaly detection approach, which can integrate the advantages of CNN and LSTM to achieve high-efficiency detection. The experimental results clearly show that the proposed approach, having the advantages of strong detection capability and low false alarm rate, is a superior means of anomaly detection when compared to its peers. |
| WOS关键词 | INTRUSION DETECTION ; DESIGN ; IOT |
| 资助项目 | [2019GW-12] |
| WOS研究方向 | Automation & Control Systems ; Computer Science |
| 语种 | 英语 |
| WOS记录号 | WOS:000679282400004 |
| 资助机构 | “Security Protection Technology of Embedded Components and Control Units in Power System Terminal” (2019GW-12) |
| 源URL | [http://ir.sia.cn/handle/173321/29390]  |
| 专题 | 沈阳自动化研究所_工业控制网络与系统研究室 |
| 通讯作者 | Zeng P(曾鹏) |
| 作者单位 | 1.Korea Intelligent Automotive Parts Promotion Institute, Daegu, 43011, Korea 2.University of Chinese Academy of Sciences, Beijing, 100049, China 3.State Grid Liaoning Electric Power Company Limited Electric Power Research Institute, Shenyang, 110016, China 4.Institutes for Robotics and Intelligent Manufacturing, Chinese Academy of Sciences, Shenyang, 110016, China 5.State Key Laboratory of Robotics, Shenyang Institute of Automation, Chinese Academy of Sciences, Shenyang, 110016, China 6.Key Laboratory of Networked Control Systems, Chinese Academy of Sciences, Shenyang 110016, China |
| 推荐引用方式 GB/T 7714 | Zhao JM,Zeng P,Chen CY,et al. Deep Learning Anomaly Detection Based on Hierarchical Status-Connection Features in Networked Control Systems[J]. INTELLIGENT AUTOMATION AND SOFT COMPUTING,2021,30(1):337-350. |
| APA | Zhao JM,Zeng P,Chen CY,Dong, Zhiwei,&Han, Jongho.(2021).Deep Learning Anomaly Detection Based on Hierarchical Status-Connection Features in Networked Control Systems.INTELLIGENT AUTOMATION AND SOFT COMPUTING,30(1),337-350. |
| MLA | Zhao JM,et al."Deep Learning Anomaly Detection Based on Hierarchical Status-Connection Features in Networked Control Systems".INTELLIGENT AUTOMATION AND SOFT COMPUTING 30.1(2021):337-350. |
入库方式: OAI收割
来源:沈阳自动化研究所
其他版本
除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。