[1]李琪,刘春霞,高改梅.基于CapsNet和SRU的工业互联网入侵检测方法[J].计算机技术与发展,2024,34(07):93-99.[doi:10.20165/j.cnki.ISSN1673-629X.2024.0097]
 LI Qi,LIU Chun-xia,GAO Gai-mei.Intrusion Detection Model Based on CapsNet and SRU for Industrial Internet[J].,2024,34(07):93-99.[doi:10.20165/j.cnki.ISSN1673-629X.2024.0097]
点击复制

基于CapsNet和SRU的工业互联网入侵检测方法

《计算机技术与发展》[ISSN:1006-6977/CN:61-1281/TN]

卷:
34
期数:
2024年07期
页码:
93-99
栏目:
网络空间安全
出版日期:
2024-07-10

文章信息/Info

Title:
Intrusion Detection Model Based on CapsNet and SRU for Industrial Internet
文章编号:
1673-629X(2024)07-0093-07
作者:
李琪刘春霞高改梅
太原科技大学 计算机科学与技术学院,山西 太原 030024
Author(s):
LI QiLIU Chun-xiaGAO Gai-mei
School of Computer Science and Technology,Taiyuan University of Science and Technology,Taiyuan 030024,China
关键词:
入侵检测工业互联网数据平衡胶囊网络简单循环单元自注意力机制
Keywords:
intrusion detectionindustrial Internetdata balancingcapsule networksimple recurrent unitself-attention mechanism
分类号:
TP391
DOI:
10.20165/j.cnki.ISSN1673-629X.2024.0097
摘要:
随着工业互联网的普及,工业系统中大量的基础设施和设备接入互联网,使得工业系统更容易受到外部攻击,工 业互联网入侵检测成为保障工业网络安全和稳定运营的重要手段。 针对现有的深度学习方法在工业互联网入侵检测中存在数据特征提取不全和对罕见攻击检测准确率低的问题,提出一种基于胶囊网络(CapsNet)和简单循环单元( SRU)融合的工业互联网入侵检测模型。 采用 SMOTE-ENN 算法完成数据的平衡处理,结合简单循环单元神经网络和引入残差块的胶囊网络分别提取流量数据的时间和空间特征,通过自注意力机制进行特征加权,进而提高模型的检测性能。 在气体管道数据集上,对比经过 SMOTE-ENN 算法处理前后的预测结果,该模型对 MSCI 和 MFCI 类别的识别精度分别提高 4. 69百分点和 4. 41 百分点,表明数据平衡算法提高了分类器对少数类样本的预测能力,对比其他模型,该模型的准确率达到99. 36% ,误报率为 0. 73% 。
Abstract:
With the popularization of the industrial Internet, a large number of infrastructure and equipment in industrial systems are connected to the Internet,making industrial systems more vulnerable to external attacks. Industrial Internet intrusion detection has become an important means to ensure the security and stable operation of industrial networks. Existing deep learning methods have problems with incomplete data feature extraction and low accuracy in detecting rare attacks in industrial Internet intrusion detection. Therefore, an industrial Internet intrusion detection model based on the fusion of Capsule Network (CapsNet) and Simple Recurrent Unit ( SRU) is proposed. The SMOTE-ENN algorithm is used to complete the balanced processing of data,combining the simple recurrent unit neural network and the capsule that introduces the residual block. The network extracts the temporal and spatial features of the traffic data re-spectively,and weights the features through the self-attention mechanism,thereby improving the detection performance of the model. On the gas pipeline data set, comparing the prediction results before and after processing by the SMOTE -ENN algorithm, the proposed model's recognition accuracy for the MSCI and MFCI categories is increased by 4. 69 percentage points and 4. 41 percentage points re-spectively,indicating that the data balancing algorithm improves the classifier's prediction ability for a few categories of samples.Compared with other models,the accuracy of the proposed model reaches 99. 36% and the false positive rate is 0. 73% .

相似文献/References:

[1]李雷 丁亚丽 罗红旗.基于规则约束制导的入侵检测研究[J].计算机技术与发展,2010,(03):143.
 LI Lei,DING Ya-li,LUO Hong-qi.Intrusion Detection Technology Research Based on Homing - Constraint Rule[J].,2010,(07):143.
[2]马志远,曹宝香.改进的决策树算法在入侵检测中的应用[J].计算机技术与发展,2014,24(01):151.
 MA Zhi-yuan,CAO Bao-xiang.Application of Improved Decision Tree Algorithm in Intrusion Detection System[J].,2014,24(07):151.
[3]高峥 陈蜀宇 李国勇.混合入侵检测系统的研究[J].计算机技术与发展,2010,(06):148.
 GAO Zheng,CHEN Shu-yu,LI Guo-yong.Research of a Hybrid Intrusion Detection System[J].,2010,(07):148.
[4]林英 张雁 欧阳佳.日志检测技术在计算机取证中的应用[J].计算机技术与发展,2010,(06):254.
 LIN Ying,ZHANG Yan,OU Yang-jia.Application of Log Testing Technology in Computer Forensics[J].,2010,(07):254.
[5]李钦 余谅.基于免疫遗传算法的网格入侵检测模型[J].计算机技术与发展,2009,(05):162.
 LI Qin,YU Liang.Grid Intrusion Detection Model Based on Immune Genetic Algorithm[J].,2009,(07):162.
[6]黄世权.网络存储安全分析[J].计算机技术与发展,2009,(05):170.
 HUANG Shi-quan.Analysis of Network Storage's Safety[J].,2009,(07):170.
[7]李睿 肖维民.基于孤立点挖掘的异常检测研究[J].计算机技术与发展,2009,(06):168.
 LI Rui,XIAO Wei-min.Research on Anomaly Intrusion Detection Based on Outlier Mining[J].,2009,(07):168.
[8]胡琼凯 黄建华.基于协议分析和决策树的入侵检测研究[J].计算机技术与发展,2009,(06):179.
 HU Oiong-kai,HUANG Jian-hua.Intrusion Detection Based on Protocol Analysis and Decision Tree[J].,2009,(07):179.
[9]汪世义.基于优化支持向量机的网络入侵检测技术研究[J].计算机技术与发展,2009,(07):177.
 WANG Shi-yi.Network Intrusion Detection Based on Improved Support Vector Machine[J].,2009,(07):177.
[10]薛俊 陈行 陶军.一种基于神经网络的入侵检测技术[J].计算机技术与发展,2009,(08):148.
 XUE Jun,CHEN Hang,TAO Jun.Technology of Intrusion Detection Based on Neural Network[J].,2009,(07):148.

更新日期/Last Update: 2024-07-10