Anomaly detection for industrial control operations with optimized ABC–SVM and weighted function code correlation analysis

Authors: Ming Wan, Jinfang Li, Kai Wang, Bailing Wang

DOI: 10.1007/S12652-020-02636-1

Keywords: Data mining, Modbus, Computer science, Function code, Support vector machine, Anomaly detection, Communications protocol, Function (mathematics), Computational intelligence

Abstract: Under the tendency of interconnection and interoperability in the Industrial Internet, anomaly detection, which has been widely recognized, has won significant accomplishments in industrial cyber security. However, a crucial issue is how to effectively extract communication features that can accurately and comprehensively describe control operations. Aiming at the function code field of the Modbus/TCP protocol, this paper proposes a novel feature extraction algorithm based on weighted function code correlation, which not only indicates the contribution of a single function code to the whole sequence, but also analyzes the correlation of different codes. In order to design a serviceable detection engine, a dynamic adjusting ABC–SVM (Artificial Bee Colony–Support Vector Machine) model with double mutations is developed to identify abnormal behaviors in communications. The experimental results show that the proposed algorithm can reflect changes of behavior in communications, and that the improved model can strengthen detection performance by comparing with other engines.
