Abstract
Anomaly detection based on communication behavior is a difficult problem in intrusion detection for industrial control systems. Building on existing studies, this paper describes the state of research, in China and abroad, on intrusion detection technology for industrial control systems, summarizes the existing problems, and points out the advantages of the one-class support vector machine (OCSVM) algorithm for intrusion detection in industrial control systems. Taking into account the characteristics of the proprietary protocols used in industrial control systems, it introduces the principle by which OCSVM is applied to intrusion detection in industrial control systems, together with the existing work in this area. Finally, it points out the open problems and development directions of OCSVM in intrusion detection for industrial control systems.
Source
Application Research of Computers (《计算机应用研究》)
CSCD
Peking University Core Journal (北大核心)
2016, Issue 1, pp. 7-11 (5 pages)
Funding
Supported by the National "863" Program (2015AA043901)
Keywords
industrial control systems
intrusion detection
one-class SVM
communication protocol