信息与控制2018,Vol.47Issue(6):755-760,6.DOI:10.13976/j.cnki.xk.2018.7431
基于增量单类支持向量机的工业控制系统入侵检测
Intrusion Detection Based on Incremental One-class Support Vector Machine for Industrial Control System
摘要
Abstract
Intrusion detection in industrial control systems is a challenging problem in industrial networks and is usually characterized by low speed, high cost, and poor scalability. We use the one-class support vector machine (OCSVM) algorithm in a communication model of learning normal behavior from normal Modbus/TCP date sets. As the new sample continues to increase, the current training sample set is reduced from the nearclass interval and Karush-Kuhn-Tucker (KKT) conditions to improve the learning speed, and the reduced training sample set is used in the OCSVM incremental training. Our experimental data analysis shows that this method has higher classification accuracy and improves the learning speed of the intrusion detection system.关键词
增量学习/入侵检测/单类支持向量机/信息安全Key words
incremental learning/intrusion detection/one-class support vector machine (OCSVM)/information security分类
信息技术与安全科学引用本文复制引用
李挺,洪镇南,刘智勇,肖体正..基于增量单类支持向量机的工业控制系统入侵检测[J].信息与控制,2018,47(6):755-760,6.基金项目
湖南省自然科学基金资助项目(2017JJ4048) (2017JJ4048)
