期刊文献+

基于层次分析法的工控网络态势评估研究

Network situation assessment on industrial control system based on analytic hierarchy process
下载PDF
导出
摘要 现有的网络安全态势评估方法没有考虑到工业控制系统(industrial control system,ICS)网络安全需求的特殊性,无法实现准确的评估。此外,ICS传输大量异构数据,容易受到网络攻击,现有的分类方法无法有效处理多类别不平衡数据。针对该问题,本文首先分析了工控系统的特点,提出了基于层次分析法的工控系统安全态势量化评估方法,该方法可以更准确地反映ICS网络安全状况;然后针对多攻击类型数据不平衡问题,提出了平均欠过采样方法,以平衡数据并且不会导致数据量过大;最后基于极限梯度提升(extreme gradient boosting,XGBoost)算法构建了ICS网络态势评估分类器,实验表明,本文设计的分类模型相较于传统分类算法支持向量机、K近邻以及随机森林可以实现更好的精度。 Existing network security situation assessment methods do not take into account the particularity of industrial control system(ICS)network security requirements,and they cannot achieve accurate assessment.In addition,ICS transmits a large amount of heterogeneous data,which is vulnerable to network attacks,and the existing classification methods cannot effectively deal with multi-class unbalanced data.To address this problem,this paper first analyzes the characteristics of industrial control systems and proposes a quantitative assessment method for industrial control system security posture based on analytic hierarchy process,which can more accurately represent the ICS network security status;it proposes an average under-over sampling method for the problem of data imbalance of multiple attack types,which balances the data and does not lead to excessive data volume;finally,based on the extreme gradient boosting(XGBoost)it is used to construct a classifier for ICS network situational assessment,with experiments showing that the classification model designed in this paper can achieve better accuracy than the traditional classification algorithms of support vector machine,K-nearest neighbor and random forest.
作者 郭琳 易军凯 王浩 GUO Lin;YI Junkai;WANG Hao(School of Automation,Beijing Information Science and Technology University,Beijing 100192,China)
出处 《西安理工大学学报》 CAS 北大核心 2024年第2期260-268,共9页 Journal of Xi'an University of Technology
基金 国家自然科学基金资助项目(U1636208)。
关键词 工业控制系统 网络安全态势评估 层次分析法 数据采样 ICS network security situation assessment analytic hierarchy process data sampling
  • 相关文献

参考文献3

二级参考文献29

共引文献61

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部