With the development of deep learning and federated learning(FL),federated intrusion detection systems(IDSs)based on deep learning have played a significant role in securing industrial control systems(ICSs).However,ad...With the development of deep learning and federated learning(FL),federated intrusion detection systems(IDSs)based on deep learning have played a significant role in securing industrial control systems(ICSs).However,adversarial attacks on ICSs may compromise the ability of deep learning-based IDSs to accurately detect cyberattacks,leading to serious consequences.Moreover,in the process of generating adversarial samples,the selection of replacement models lacks an effective method,which may not fully expose the vulnerabilities of the models.The authors first propose an automated FL-based method to generate adversarial samples in ICSs,called AFL-GAS,which uses the prin-ciple of transfer attack and fully considers the importance of replacement models during the process of adversarial sample generation.In the proposed AFL-GAS method,a lightweight neural architecture search method is developed to find the optimised replacement model composed of a combination of four lightweight basic blocks.Then,to enhance the adversarial robustness,the authors propose a multi-objective neural archi-tecture search-based IDS method against adversarial attacks in ICSs,called MoNAS-IDSAA,by considering both classification performance on regular samples and adver-sarial robustness simultaneously.The experimental results on three widely used intrusion detection datasets in ICSs,such as secure water treatment(SWaT),Water Distribution,and Power System Attack,demonstrate that the proposed AFL-GAS method has obvious advantages in evasion rate and lightweight compared with other four methods.Besides,the proposed MoNAS-IDSAA method not only has a better classification performance,but also has obvious advantages in model adversarial robustness compared with one manually designed federated adversarial learning-based IDS method.展开更多
In recent years,deep learning has been applied to a variety of scenarios in Industrial Internet of Things(IIoT),including enhancing the security of IIoT.However,the existing deep learning methods utilised in IIoT secu...In recent years,deep learning has been applied to a variety of scenarios in Industrial Internet of Things(IIoT),including enhancing the security of IIoT.However,the existing deep learning methods utilised in IIoT security are manually designed by heavily relying on the experience of the designers.The authors have made the first contribution concerning the joint optimisation of neural architecture search and hyper-parameters optimisation for securing IIoT.A novel automated deep learning method called synchronous optimisation of parameters and architectures by GA with CNN blocks(SOPA-GA-CNN)is proposed to synchronously optimise the hyperparameters and block-based architectures in convolutional neural networks(CNNs)by genetic algorithms(GA)for the intrusion detection issue of IIoT.An efficient hybrid encoding strategy and the corresponding GA-based evolutionary operations are designed to characterise and evolve both the hyperparameters,including batch size,learning rate,weight optimiser and weight regularisation,and the architectures,such as the block-based network topology and the parameters of each CNN block.The experimental results on five intrusion detection datasets in IIoT,including secure water treatment,water distribution,Gas Pipeline,Botnet in Internet of Things and Power System Attack Dataset,have demonstrated the superiority of the proposed SOPA-GA-CNN to the state-of-the-art manually designed models and neuron-evolutionary methods in terms of accuracy,precision,recall,F1-score,and the number of parameters of the deep learning models.展开更多
基金This work was supported in part by National Natural Science Foundation of China(Grant Nos.61972288 and 92067108)Natural Science Foundation of Guangdong Province(Grant No.2021A151501131)+1 种基金in part by the MIIT Project Industrial Internet identification resolution system security monitoring and protection(Grant No.TC220H078)in part by the Guangdong Key Laboratory of Data Security and Privacy Preserving,National Joint Engineering Research Center of Network Security Detection and Protection Technology.
文摘With the development of deep learning and federated learning(FL),federated intrusion detection systems(IDSs)based on deep learning have played a significant role in securing industrial control systems(ICSs).However,adversarial attacks on ICSs may compromise the ability of deep learning-based IDSs to accurately detect cyberattacks,leading to serious consequences.Moreover,in the process of generating adversarial samples,the selection of replacement models lacks an effective method,which may not fully expose the vulnerabilities of the models.The authors first propose an automated FL-based method to generate adversarial samples in ICSs,called AFL-GAS,which uses the prin-ciple of transfer attack and fully considers the importance of replacement models during the process of adversarial sample generation.In the proposed AFL-GAS method,a lightweight neural architecture search method is developed to find the optimised replacement model composed of a combination of four lightweight basic blocks.Then,to enhance the adversarial robustness,the authors propose a multi-objective neural archi-tecture search-based IDS method against adversarial attacks in ICSs,called MoNAS-IDSAA,by considering both classification performance on regular samples and adver-sarial robustness simultaneously.The experimental results on three widely used intrusion detection datasets in ICSs,such as secure water treatment(SWaT),Water Distribution,and Power System Attack,demonstrate that the proposed AFL-GAS method has obvious advantages in evasion rate and lightweight compared with other four methods.Besides,the proposed MoNAS-IDSAA method not only has a better classification performance,but also has obvious advantages in model adversarial robustness compared with one manually designed federated adversarial learning-based IDS method.
基金supported by the National Natural Science Foundation of China(Grant Nos.61972288 and 92067108)Key-Area Research and Development Program of Guangdong Province(Grant No.2020B0101090004)+2 种基金the Natural Science Foundation of Guangdong Province(Grant No.2021A151501131)Guangdong Key Laboratory of Data Security and Privacy PreservingNational Joint Engineering Research Center of Network Security Detection and Protection Technology.
文摘In recent years,deep learning has been applied to a variety of scenarios in Industrial Internet of Things(IIoT),including enhancing the security of IIoT.However,the existing deep learning methods utilised in IIoT security are manually designed by heavily relying on the experience of the designers.The authors have made the first contribution concerning the joint optimisation of neural architecture search and hyper-parameters optimisation for securing IIoT.A novel automated deep learning method called synchronous optimisation of parameters and architectures by GA with CNN blocks(SOPA-GA-CNN)is proposed to synchronously optimise the hyperparameters and block-based architectures in convolutional neural networks(CNNs)by genetic algorithms(GA)for the intrusion detection issue of IIoT.An efficient hybrid encoding strategy and the corresponding GA-based evolutionary operations are designed to characterise and evolve both the hyperparameters,including batch size,learning rate,weight optimiser and weight regularisation,and the architectures,such as the block-based network topology and the parameters of each CNN block.The experimental results on five intrusion detection datasets in IIoT,including secure water treatment,water distribution,Gas Pipeline,Botnet in Internet of Things and Power System Attack Dataset,have demonstrated the superiority of the proposed SOPA-GA-CNN to the state-of-the-art manually designed models and neuron-evolutionary methods in terms of accuracy,precision,recall,F1-score,and the number of parameters of the deep learning models.
