基于SAE-SVM的CPS攻击检测

兰州理工大学学报 ›› 2021, Vol. 47 ›› Issue (2): 72-79.

• 自动化技术与计算机技术 • 上一篇下一篇

基于SAE-SVM的CPS攻击检测

王志文^*1, 曹旭¹, 黄涛²

1.兰州理工大学电气工程与信息工程学院, 甘肃兰州 730050;
2.中国市政工程西北设计研究院有限公司, 甘肃兰州 730000

收稿日期:2019-11-19 出版日期:2021-04-28 发布日期:2021-05-11
通讯作者: 王志文(1976-),男,甘肃省武威人,博士,教授.Email:wzw@lut.edu.cn
基金资助:
国家自然科学基金(61751315,61863026,61563031)

CPS attack detection based on SAE-SVM

WANG Zhi-wen¹, CAO Xu¹, HUANG Tao²

1. College of Electrical and Information Engineering,Lanzhou Univ. of Tech., Lanzhou 730050, China;
2. China Northwest Municipal Engineering Designing and Research Institute Co., Ltd., Lanzhou 730000, China

Received:2019-11-19 Online:2021-04-28 Published:2021-05-11

摘要/Abstract

摘要： 信息物理系统(CPS)在工业控制和关键基础设施等领域被广泛应用,由于具有易受攻击的特点,CPS的安全问题变得尤为重要.为了提高CPS攻击检测的准确度,提出一种稀疏自动编码器(SAE)与支持向量机(SVM)结合的攻击检测算法.针对CPS中数据维数高的问题,使用SAE对数据进行特征学习与降维处理,以无监督方法重建新的特征表示;在此基础上以建立一种优化的检测模型为目标,利用改进细菌觅食算法(IBFA)优化SVM的参数.采用田纳西-伊士曼(TE)过程模型为仿真基础,模拟CPS受到恶意攻击的情况,并用提出的算法进行检测.结果表明,所提算法可以有效检测到攻击的发生,并缩短检测时间,提高了CPS的安全性能.

关键词: 信息物理系统, 攻击检测, 稀疏自编码器, 支持向量机, 参数优化

Abstract: Cyber-physical system (CPS) is widely used in industrial control and critical infrastructures. Because of its vulnerability, the security of CPS is especially important. In order to improve the accuracy of CPS attack detection, an attack detection method combining sparse autoencoder (SAE) and support vector machine (SVM) is proposed in this paper. For the purpose of dimension reduction of data in CPS, SAE is used to learn and reduce dimension of the data, and the unsupervised method is adopted to reconstruct the new representation of features. On this basis, in order to establish an optimized detection model, improved bacterial foraging algorithm(IBFA) is employed to optimize parameters of SVM. The Tennessee-Eastman process model is utilized as simulation foundation to simulate a malicious attack to CPS, and the proposed algorithm is then used to detect the attack. Results coming out of above simulation and detections indicate that the proposed algorithm can detect occurrence of attacks effectively, which not only shorten detection time but also improve security performance of CPS.

Key words: cyber-physical system, attack detection, sparse autoencoder, support vector machine, parameter optimization

中图分类号:

TP273

王志文, 曹旭, 黄涛. 基于SAE-SVM的CPS攻击检测[J]. 兰州理工大学学报, 2021, 47(2): 72-79.

WANG Zhi-wen, CAO Xu, HUANG Tao. CPS attack detection based on SAE-SVM[J]. Journal of Lanzhou University of Technology, 2021, 47(2): 72-79.

参考文献

[1] LU T,LIN J,ZHAO L,et al.A security architecture in cyber-physical systems:security theories,analysis,simulation and application fields [J].International Journal of Security &Its Applications,2015,9(7):1-16.
[2] 吕雪峰,谢耀滨.一种基于状态迁移图的工业控制系统异常检测方法[J].自动化学报,2018,44(9):1662-1671.
[3] ASHFAQ R A R,WANG X Z,HUANG J Z,et al.Fuzziness based semi-supervised learning approach for intrusion detection system[J].Information Sciences,2016,378:484-497.
[4] JABBAR M A,SAMREEN S.Intelligent network intrusion detection using alternating decision trees[C]//2016 International Conference on Circuits,Controls,Communications and Computing (I4C).Bangalore,India:IEEE,2016:1-6.
[5] RUIZ Z,SALVADOR J,GARCIA-RODRIGUEZ J.A survey of machine learning methods for big data[C]//International Work-Conference on the Interplay Between Natural &Artificial Computation.[S.l.]:Springer,2017:259-267.
[6] LI L,HAO Z,PENG H,et al.Nearest neighbors based density peaks approach to intrusion detection[J].Chaos Solitons &Fractals,2018,110:33-40.
[7] CHAPELLE O,HAFFNER P,VAPNIK V N.Support vector machines for histogram-based image classification[J].IEEE Transactions on Neural Networks,1999,10(5):1055-1064.
[8] SHAMSUI H,HOHN Y,MEHEDI H M,et al.Securing the operations in SCADA-IoT platform based industrial control system using ensemble of deep belief networks[J].Applied Soft Computing,2018,71:66-77.
[9] KIM G,LEE S,KIM S.A novel hybrid intrusion detection method integrating anomaly detection with misuse detection[J].Expert Systems with Applications,2014,41(4):1690-1700.
[10] SHANG W,CUI J,SONG C,et al.Research on industrial control anomaly detection based on FCM and SVM[C]//2018 17th IEEE International Conference on Trust,Security and Privacyin Computing and Communications/12th IEEE International Conference on Big Data Science and Engineering (TrustCom/BigDataSE).New York,USA:IEEE,2018:218-222.
[11] BEAVER J M,BORGES-HINK R C,BUCKNER M A.An evaluation of machine learning methods to detect malicious SCADA Communications[C]//2013 12th International Conference on Machine Learning and Applications.Miami,USA:IEEE,2013:54-59.
[12] KISS I,GENGE B,HALLER P.A clustering-based approach to detect cyber attacks in process control systems[C]//IEEE International Conference on Industrial Informatics.Cambridge,England:IEEE,2015:142-148.
[13] SOKOLOV A N,PYATNITSKY I A,ALABUGIN S K.Research of classical machine learning methods and deep learning models effectiveness in detecting anomalies of industrial control system[C]//2018 Global Smart Industry Conference (GloSIC).Chelyabinsk,Russia:IEEE,2018:1-6.
[14] LECUN Y,BENGIO Y,HINTON G.Deep learning[J].Nature,2015,521:436-444.
[15] XU L,CAO M,SONG B,et al.pen-circuit fault diagnosis of power rectifier using sparse autoencoder based deep neural network[J].Neurocomputing,2018,311:1-10.
[16] ZENG N,ZHANG H,SONG B,et al.Facial expression recognition via learning deep sparse autoencoders[J].Neurocomputing,2018,273:643-649.
[17] WAHAB O A,MOURAD A,OTROK H,et al.CEAP:SVM-based intelligent detection model for clustered vehicular ad hoc networks[J].Expert Systems with Applications,2016,50:40-54.
[18] DAS S,DASGUPTA S,BISWAS A,et al.On stability of the chemotactic dynamics in bacterial-foraging optimization algorithm[J].IEEE Transactions on Systems,Man,and Cybernetics-Part A:Systems and Humans,2009,39(3):670-679.
[19] COELLO C A C,PULIDO G T,LECHUGA M S.Handling multiple objectives with particle swarm optimization[J].IEEE Transactions on Evolutionary Computation,2004,8(3):256-279.
[20] DOWNS J J,VOGEL E F.A plant-wide industrial process control problem[J].Computers and Chemical Engineering,1993,17(3):245-255.
[21] CHANG C C,LIN C J.LIBSVM:a library for support vector machines[DB/OL].(2020-11-10).http://www.csie.ntu.edu.tw/~cjlin/libsvm.

基于SAE-SVM的CPS攻击检测

CPS attack detection based on SAE-SVM

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 8

编辑推荐

Metrics

本文评价

[1]	祝超群, 朱怡蓉. 虚假数据注入攻击下信息物理系统动态输出反馈控制[J]. 兰州理工大学学报, 2023, 49(1): 74-82.
[2]	祝超群, 黄鹏. DoS攻击下信息物理系统事件触发保性能控制[J]. 兰州理工大学学报, 2022, 48(6): 74-80.
[3]	谢小正, 王晋, 赵荣珍, 李俊, 吕伟前. 基于小波包能量熵和GWO-SVM的滚动轴承故障诊断[J]. 兰州理工大学学报, 2022, 48(5): 59-64.
[4]	李有堂, 汤雷武, 黄华, 吴荣荣. 基于优化最小二乘支持向量机的数控机床热误差建模分析[J]. 兰州理工大学学报, 2022, 48(3): 35-41.
[5]	王志文, 陈万杰, 孙洪涛. 双端动态事件触发下信息物理系统输出反馈H_∞控制[J]. 兰州理工大学学报, 2022, 48(3): 77-85.
[6]	朱昶胜,田慧星,冯文芳. 基于Adaboost算法结合DEGWO-SVM的财务困境预测[J]. 兰州理工大学学报, 2021, 47(6): 100-107.
[7]	朱昶胜, 李岁寒. 基于改进果蝇优化算法的随机森林回归模型及其在风速预测中的应用[J]. 兰州理工大学学报, 2021, 47(4): 83-90.
[8]	蒲武军, 潘欢. 社团生成结构的电力信息物理系统鲁棒性分析[J]. 兰州理工大学学报, 2021, 47(3): 78-85.