摘要
针对采用以太网控制自动化技术(Ether CAT)工业总线的感应电机交-直-交变频矢量控制系统的入侵检测技术进行了研究.首先通过对Ether CAT总线协议进行深度解析,结合目前为止已经发现的Ether CAT工业总线常见协议漏洞,提取协议数据包的关键特征并构建Ether CAT总线协议入侵检测规则库,采用三维指针链表树作为针对Ether CAT总线协议规则库的检索数据结构;其次,根据感应电机交-直-交变频矢量控制系统的物理模型,进行模型参数仿真计算,并根据仿真计算值,构建矢量控制模型入侵特征的最小二乘支持向量机(least square support vector machine,LSSVM)分类器,使用混沌粒子群优化(choatics particle swarm optimization,CPSO)算法对分类器的参数进行优化,二者共同构成了CPSO-LSSVM入侵检测分类算法.异常数据包在被分类后,会被传递给Suricata入侵检测引擎进行精确规则匹配;最后为该入侵检测系统搭建物理实验环境,经过测试,本文中的交-直-交变频矢量控制模型仿真结果动态性能良好,与实际矢量控制系统参数的波形变化趋势相近.通过抽取KDD Cup99测试数据集中的一部分对该入侵检测系统实施DOS攻击、R2L、U2R以及PROBING攻击行为,验证该入侵检测系统的有效性.
As induction motors are the control core in variable-frequency speed-regulating systems,their efficient operation in industrial production processes needs to be ensured.To realize this,the accuracy and security of control commands and equipment parameters have been the priorities for industrial security protection research.This study aims to investigate the intrusion detection techniques of the AC-DC-AC variable-frequency vector control system for induction motors under Ether CAT industrial bus.First,the Ether CAT bus protocol is deeply analyzed,and combined with the Ether CAT industrial bus common protocol vulnerabilities that have been discovered so far,the key characteristics of the protocol data packets are extracted,and the Ether CAT bus protocol intrusion detection rule base is constructed.A three-dimensional pointer linked list tree is used as the retrieval data structure for the Ether CAT bus protocol rule base.Second,model parameters are simulated and calculated based on the physical model of the AC-DC-AC inverter vector control system of the induction motor.Then a least-squares support vector machine(LSSVM)with the characteristics of vector control model intrusion is constructed on the basis of the simulation results,and the parameters of LSSVM classifier are optimized using the chaotic particle swarm optimization(CPSO)algorithm,both of which constitute the CPSO-LSSVM intrusion detection classification algorithm.After the anomaly data packets are classified,they will be transferred to the Suricata intrusion detection engine for precise rule matching.Finally,a physical experiment environment is built for the intrusion detection system.The simulation results of the AC-DCAC variable-frequency vector control model in this paper show good dynamic performance,which is similar to the trend of waveform change on actual vector control system parameters.The effectiveness of the intrusion detection system is verified by extracting part of the KDD Cup99 test dataset to implement the behaviors of attacks,such as the denial of service(DOS),remote-to-local(R2 L),userto-root(U2 R),and Probing attacks on the intrusion detection system.
作者
曹策
解仑
李连鹏
王志良
CAO Ce;XIE Lun;LI Lian-peng;WANG Zhi-liang(School of Computer and Communication Engineering,University of Science and Technology Beijing,Beijing 100083,China)
出处
《工程科学学报》
EI
CSCD
北大核心
2019年第8期1074-1084,共11页
Chinese Journal of Engineering
基金
国家重点研发计划课题资助项目(2017YFB1302104)
智能机器人与系统高精尖创新中心开放课题资助项目(2018IRS01)
国家自然科学基金资助项目(61672093,61432004)
关键词
变频调速系统
入侵检测技术
EtherCAT总线
最小二乘支持向量机
规则匹配
variable-frequency speed-regulating system
intrusion detection technology
EtherCAT bus
least-squares support vector machine
rule matching
