基于KG-DBN-SVM的工控网络安全态势感知算法

KG-DBN-SVM Based Industrial Control Network Security Situational Awareness Algorithm

工业控制网络是重要的基础设施,保障其安全稳定运行非常重要。对工控网络进行安全态势感知研究,可以帮助安全人员从更加全面的层面发现潜在威胁,保障工控网络安全。工控网络数据来源很多、结构各异,存在多源异构的特点,从这一点出发对数据进行分析,可以更好地感知工控网络安全态势。本文使用知识图谱对多源异构数据进行结构化,然后利用深度置信网络对不同工控实体数据进行特征提取与降维,最后利用支持向量机进行分类判断确定,并进行数据调优,得到最佳的工控网络安全态势感知模型。在公共的工控安全数据集上进行对比实验,实验结果表明,本文算法在准确率、召回率与F1指标上分别达到了0.938、0.891和0.914的结果,优于对比较的一系列工控网络安全算法。

Industrial control network is an important infrastructure,therefore it is very important to ensure its safe and stable operation.Conducting security situational awareness research on industrial control networks can help security personnel to discover potential threats from a more overall level and ensure the security of the industrial control network.Industrial control network data has many sources and different structures,has the characteristics of multi-source heterogeneous.Analyzing data from this point can better aware the security situation of industrial control networks.This paper uses Knowledge Graph to structure multi-source heterogeneous data,then use Deep Belief Network to extract features and reduce the dimensionality of different industrial control entity data,and finally use Support Vector Machine to classify and determine,then do parameter tuning to get the best industrial control network security situation awareness model.Comparative experiments on public industrial control security dataset show that the algorithm in this paper has achieved results of 0.938,0.891,and 0.914 in accuracy,recall and F1 score,which are better than a series of compared industrial control network security algorithms.