Intrusion Detection System Based on One-Class Support Vector Machine of COME Module

Cited by: 0
Authors
Zhang L. [1]
Xie L. [1]
Jin L.-C. [1]
Wang Z.-L. [1]
Affiliation
[1] School of Computer and Communication Engineering, University of Science and Technology Beijing, Beijing
Keywords
Anomaly detection model; COM-E module; Distributed control system; Industrial control system; One-class support vector machine (OCSVM) classification;
DOI
10.15918/j.tbit1001-0645.2019.09.016
Abstract
According to the industrial control system (ICS) behavior, COM-Express Module and finite state characteristics, combined with the data packet protocol deep analysis and industrial control system process control model, a control instruction rule-matching detection algorithm of process control and a specific intrusion detection model of detection schemes were designed. Several executive technologies were introduced, including the process control rule of One-Class Support Vector Machine (OCSVM) classification, sample feature extraction of the intrusion detection model, the generation process of single classifier, and the transformation of detection algorithm. Considering the model training accuracy of distributed control system (DCS) and the simulation experiment data of intrusion detection, simulation experiments accompanied with usage of COM-E Module demonstrate the effectiveness of the model for anomaly intrusion detection in ICS network. Results show its huge practicability and promotion value. © 2019, Editorial Department of Transaction of Beijing Institute of Technology. All rights reserved.
Pages: 978-986
Number of pages: 8