期刊文献+

一种面向工控系统的PU学习入侵检测方法 被引量:4

A PU learning intrusion detection method for industrial control system
下载PDF
导出
摘要 工业控制系统与物理环境联系紧密,受到攻击会直接造成经济损失,人员伤亡等后果,工业控制系统入侵检测可以提供有效的安全防护。工业控制系统中将入侵检测作为一个异常检测问题,本文围绕PU learning(Positive-unlabeled learning, PU学习)进行工业控制系统入侵检测进行研究。首先针对工业控制系统中数据维度高的特点,提出了一种特征重要度计算方法,通过正例数据集和无标签数据集的分布差异度量特征重要度,用于PU学习的特征选择;其次提出了一种基于OCSVM(One-Class SVM)的类先验估计算法,该算法可以稳定且准确的估计出类先验概率,为PU学习提供必要的先验知识;最后采用了三个公开数据集进行实验,在仅有一类标签数据的条件下,通过PU学习发现待检测数据中的异常样本,并与一些现有的模型进行对比,验证了PU学习的有效性。 Industrial control systems are closely related to the physical environment.Attacks will directly cause economic losses,casualties and other consequences.Intrusion detection system can provide effective security protection.In industrial control systems,intrusion detection is regarded as an anomaly detection problem.This paper focuses on the intrusion detection through PU learning(Positive-unlabeled learning).Firstly,due to the high dimensionality of data in industrial control systems,a feature importance calculation method is proposed.The feature importance is measured by the distribution difference between the positive data set and unlabeled data set,which is used for the feature selection of PU learning.Secondly,a class prior estima-tion algorithm based on OCSVM(One-Class SVM)is proposed.This algorithm can estimate class prior stably and accurately.It provides necessary prior knowledge for PU learning.Finally,three public data sets were used for experiments.Under the condi-tion of only one type of label data,abnormal samples in the data to be detected were found through PU learning.Meanwhile,PU learning is compared with some existing models to verify the effectiveness of PU learning.
作者 吕思才 张格 张耀方 刘红日 王子博 王佰玲 LV Sicai;ZHANG Ge;ZHANG Yaofang;LIU Hongri;WANG Zibo;WANG Bailing(School of Computer Science and Technology,Harbin Institute of Technology at Weihai,Weihai 264209,China;China Industrial Control Systems Cyber Emergency Response Team,Beijing 100040,China;Research Institute of CyberSpace Security,Harbin Institute of Technology,Weihai 264209,China)
出处 《信息安全学报》 CSCD 2021年第4期72-89,共18页 Journal of Cyber Security
基金 国防基础科研计划(No.JCKY2019608B001)资助。
关键词 工业控制系统 入侵检测 PU学习 类先验概率估计 industrial control system intrusion detection positive-unlabeled learning class prior estimation
  • 相关文献

参考文献15

二级参考文献263

共引文献249

同被引文献32

引证文献4

二级引证文献18

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部