摘要
针对工业互联网安全态势评估存在数据特征提取困难和安全态势评估准确率低等难题,提出一种基于改进随机森林的工业互联网安全态势评估方法.基于随机采样技术平衡原始数据集以减小不平衡数据集对实验的影响;利用梯度提升决策树确定工业互联网流量数据中不同特征的权重系数,结合递归特征消除法提取其关键特征;构建基于改进随机森林的工业互联网多分类攻击检测模型,识别网络受到的攻击类别,并结合安全态势量化指标确定其风险程度.实验结果表明,本文算法的检测准确率和F1值分别达到89.19%和89.68%,相较于传统随机森林算法、支持向量机和K最近邻算法,其准确率和F1值分别至少提高2.91%和1.7%,平均分别提高8.38%和9.33%.
Aiming at the difficulties of data feature extraction and low accuracy of industrial Internet security situa⁃tion assessment method,a method of security situation assessment based on improved random forest for industrial Internet is proposed.The original data set is balanced based on random sampling technique to reduce the influence of unbalanced da⁃ta set on the experiment.The gradient boosting decision tree is used to determine the weight coefficients of different fea⁃tures in industrial Internet traffic data,and the key features are extracted by the recursive feature elimination method.Con⁃struct a multi-classification attack detection model for the industrial Internet based on improved random forest,identify the types of attacks on the network,and determine the degree of risk in combination with the quantitative indicators of security situation.The experimental results show that the detection accuracy and F1 score of this algorithm reach 89.19%and 89.68%respectively.Compared with the traditional random forest algorithm,support vector machine and k-nearest neigh⁃bor algorithm,the accuracy and F1 score are improved by at least 2.91%and 1.7%respectively,with an average increase of 8.38%and 9.33%.
作者
胡向东
万润楠
HU Xiang-dong;WAN Run-nan(School of Modern Posts,Chongqing University of Posts and Telecommunications,Chongqing 400065,China;School of Automation/School of Industrial Internet,Chongqing University of Posts and Telecommunications,Chongqing 400065,China)
出处
《电子学报》
EI
CAS
CSCD
北大核心
2024年第3期783-791,共9页
Acta Electronica Sinica
基金
重庆市高校创新研究群体(No.CXQT20016)。
关键词
工业互联网
态势评估
特征提取
梯度提升决策树
随机森林
industrial internet
situation assessment
feature extraction
gradient boosting decision tree
random forest
