摘要
针对目前未知工业控制网络攻击检测方法处于初级阶段,浅层次的选取特征分类导致检测率较低的问题,提出一种稀疏自编码-极限学习机入侵检测模型。该文所提算法通过深度学习的稀疏自编码器在训练时结合编码层的系数惩罚和重构误差对高维数据进行特征提取,再运用极限学习机对提取的特征进行快速有效地精准分类,使用工控入侵检测标准数据集对算法准确性进行了验证,通过和不同类型的入侵检测模型进行比较。结果表明:该文方法可以有效提升入侵检测系统性能,符合工业控制入侵检测“高精度、低误报”的要求。
Aiming at the problem that the existing unknown industrial control network attack detection method is in the initial stage and the low-layer selection feature classification leads to low detection accuracy,a sparse auto-encoder-extreme learning machine intrusion detection model is proposed.The proposed algorithm uses the deep learning auto-encoder to combine the penalty parameter and reconstruction error of the encode layer to extract the features of high-dimensional data during the training stage,and then uses the extreme learning machine to quickly and effectively classify the extracted features.The accuracy of the algorithm is verified by the industrial control intrusion detection standard data set.Comparing with different types of intrusion detection methods,the experiment verify that the method can effectively improve the performance of the intrusion detection system and reduce the false alarm rate.It meets the requirements of“high accuracy and low false positive rate”for industrial control intrusion detection.
作者
李熠
李永忠
Li Yi;Li Yongzhong(School of Computer,Jiangsu University of Science and Technology,Zhenjiang 212003,China)
出处
《南京理工大学学报》
EI
CAS
CSCD
北大核心
2019年第4期408-413,共6页
Journal of Nanjing University of Science and Technology
关键词
工控网络
入侵检测
自编码器
极限学习机
industrial control network
intrusion detection
auto-encoder
extreme learning machine
