| 3rd International Symposium on Resource Exploration and Environmental Science | |
| Research on Network Traffic Anomaly Detection of Source-Network-Load Industrial Control System Based on GRU-OCSVM | |
| 生态环境科学 | |
| Huo, Xuesong^1 ; Wu, Kehe^2 ; Miao, Weiwei^3 ; Wang, Liming^1 ; He, Hui^2 ; Su, Dawei^1 | |
| State Grid Jiangsu Electric Power Co. Ltd., Power Dispatching Control Center, Nanjing | |
| 210000, China^1 | |
| School of Control and Computer Engineering, North China Electric Power University, Beijing | |
| 102206, China^2 | |
| Information and Communication Branch of State Grid Jiangsu Electric Power Co. Ltd., Nanjing | |
| 210019, China^3 | |
| 关键词: Distributed generators; False positive rates; Flow charac-teristics; High detection rate; Industrial control systems; Time characteristics; Traffic anomaly detections; Traffic sequence; | |
| Others : https://iopscience.iop.org/article/10.1088/1755-1315/300/4/042043/pdf DOI : 10.1088/1755-1315/300/4/042043 |
|
| 学科分类:环境科学(综合) | |
| 来源: IOP | |
 PDF
|
|
【 摘 要 】
With the large number of distributed generators and diverse loads connected to industrial control systems, there are more and more interactions among power supply, power grid and load. Any network link attack in the source network will affect the security of the industrial control system, resulting in economic loss of the industrial control system. Therefore, it is very important to study the network attacks against the source-network-load industrial control system. Aiming at the current insufficient situation of network traffic anomaly detection in the source-network-load industrial control system, this paper analysed the composition and flow characteristics of the source-network-load system, studied the scheme of network traffic anomaly detection of the source-network-load system, and proposed a network traffic anomaly detection algorithm based on GRU-OCSVM. The time characteristics of the traffic sequence were extracted by the GRU and input into OCSVM for traffic anomaly detection. Finally, the original network traffic of the source-network-load system was collected to construct anomaly detection data set for simulation experiment. The experimental results showed that the proposed method had high detection rate and low false positive rate, which can meet the needs of network traffic anomaly detection in the source-network-load system.
【 预 览 】
| Files | Size | Format | View |
|---|---|---|---|
| Research on Network Traffic Anomaly Detection of Source-Network-Load Industrial Control System Based on GRU-OCSVM | 674KB |  download |
878987797
028-85220240
