• 文献检索
  • 文档翻译
  • 深度研究
  • 学术资讯
  • Suppr Zotero 插件Zotero 插件
  • 邀请有礼
  • 套餐&价格
  • 历史记录
应用&插件
Suppr Zotero 插件Zotero 插件浏览器插件Mac 客户端Windows 客户端微信小程序
定价
高级版会员购买积分包购买API积分包
服务
文献检索文档翻译深度研究API 文档MCP 服务
关于我们
关于 Suppr公司介绍联系我们用户协议隐私条款
关注我们

Suppr 超能文献

核心技术专利:CN118964589B侵权必究
粤ICP备2023148730 号-1Suppr @ 2026

文献检索

告别复杂PubMed语法,用中文像聊天一样搜索,搜遍4000万医学文献。AI智能推荐,让科研检索更轻松。

立即免费搜索

文件翻译

保留排版,准确专业,支持PDF/Word/PPT等文件格式,支持 12+语言互译。

免费翻译文档

深度研究

AI帮你快速写综述,25分钟生成高质量综述,智能提取关键信息,辅助科研写作。

立即免费体验

解释基于深度学习的工业控制网络入侵检测系统的属性。

Explaining the Attributes of a Deep Learning Based Intrusion Detection System for Industrial Control Networks.

机构信息

College of Computer Science, Faculty of Information Technology, Beijing University of Technology, Beijing 100124, China.

Automation Engineering Institute, Beijing Polytechnic, Beijing 100176, China.

出版信息

Sensors (Basel). 2020 Jul 8;20(14):3817. doi: 10.3390/s20143817.

DOI:10.3390/s20143817
PMID:32650574
原文链接:https://pmc.ncbi.nlm.nih.gov/articles/PMC7411823/
Abstract

Intrusion detection is only the initial part of the security system for an industrial control system. Because of the criticality of the industrial control system, professionals still make the most important security decisions. Therefore, a simple intrusion alarm has a very limited role in the security system, and intrusion detection models based on deep learning struggle to provide more information because of the lack of explanation. This limits the application of deep learning methods to industrial control network intrusion detection. We analyzed the deep neural network (DNN) model and the interpretable classification model from the perspective of information, and clarified the correlation between the calculation process of the DNN model and the classification process. By comparing the normal samples with the abnormal samples, the abnormalities that occur during the calculation of the DNN model compared to the normal samples could be found. Based on this, a layer-wise relevance propagation method was designed to map the abnormalities in the calculation process to the abnormalities of attributes. At the same time, considering that the data set may already contain some useful information, we designed filtering rules for a kind of data set that can be obtained at a low cost, so that the calculation result is presented in a more accurate manner, which should help professionals lock and address intrusion threats more quickly.

摘要

入侵检测只是工控系统安全系统的初始部分。由于工控系统的关键性,专业人员仍然做出最重要的安全决策。因此,简单的入侵报警在安全系统中的作用非常有限,而基于深度学习的入侵检测模型由于缺乏解释而难以提供更多信息。这限制了深度学习方法在工业控制网络入侵检测中的应用。我们从信息的角度分析了深度神经网络(DNN)模型和可解释分类模型,并阐明了 DNN 模型的计算过程与分类过程之间的相关性。通过将正常样本与异常样本进行比较,可以找到 DNN 模型在计算过程中与正常样本相比出现的异常情况。在此基础上,设计了一种逐层相关性传播方法,将计算过程中的异常情况映射到属性的异常情况上。同时,考虑到数据集可能已经包含一些有用的信息,我们为一种可以低成本获得的数据集设计了过滤规则,以使计算结果更准确地呈现,这应该有助于专业人员更快地锁定和解决入侵威胁。

https://cdn.ncbi.nlm.nih.gov/pmc/blobs/d22c/7411823/7802ad42654b/sensors-20-03817-g007.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/d22c/7411823/00860c0edea1/sensors-20-03817-g001.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/d22c/7411823/a3158ad5509a/sensors-20-03817-g002.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/d22c/7411823/dc099700aeaf/sensors-20-03817-g003.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/d22c/7411823/0a1c2ae091d6/sensors-20-03817-g004.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/d22c/7411823/0d77054e8051/sensors-20-03817-g005.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/d22c/7411823/590202d0da71/sensors-20-03817-g006a.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/d22c/7411823/7802ad42654b/sensors-20-03817-g007.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/d22c/7411823/00860c0edea1/sensors-20-03817-g001.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/d22c/7411823/a3158ad5509a/sensors-20-03817-g002.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/d22c/7411823/dc099700aeaf/sensors-20-03817-g003.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/d22c/7411823/0a1c2ae091d6/sensors-20-03817-g004.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/d22c/7411823/0d77054e8051/sensors-20-03817-g005.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/d22c/7411823/590202d0da71/sensors-20-03817-g006a.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/d22c/7411823/7802ad42654b/sensors-20-03817-g007.jpg

相似文献

1
Explaining the Attributes of a Deep Learning Based Intrusion Detection System for Industrial Control Networks.解释基于深度学习的工业控制网络入侵检测系统的属性。
Sensors (Basel). 2020 Jul 8;20(14):3817. doi: 10.3390/s20143817.
2
Improving the Classification Effectiveness of Intrusion Detection by Using Improved Conditional Variational AutoEncoder and Deep Neural Network.使用改进的条件变分自编码器和深度神经网络提高入侵检测的分类有效性
Sensors (Basel). 2019 Jun 2;19(11):2528. doi: 10.3390/s19112528.
3
Towards an Effective Intrusion Detection Model Using Focal Loss Variational Autoencoder for Internet of Things (IoT).基于焦点损失变分自动编码器的物联网(IoT)有效入侵检测模型。
Sensors (Basel). 2022 Aug 4;22(15):5822. doi: 10.3390/s22155822.
4
Intrusion Detection System Using Deep Neural Network for In-Vehicle Network Security.用于车载网络安全的基于深度神经网络的入侵检测系统
PLoS One. 2016 Jun 7;11(6):e0155781. doi: 10.1371/journal.pone.0155781. eCollection 2016.
5
Intrusion Detection of UAVs Based on the Deep Belief Network Optimized by PSO.基于 PSO 优化的深度置信网络的无人机入侵检测。
Sensors (Basel). 2019 Dec 14;19(24):5529. doi: 10.3390/s19245529.
6
Multi-step attack detection in industrial networks using a hybrid deep learning architecture.使用混合深度学习架构的工业网络多步攻击检测
Math Biosci Eng. 2023 Jun 16;20(8):13824-13848. doi: 10.3934/mbe.2023615.
7
A Multi-Layer Classification Approach for Intrusion Detection in IoT Networks Based on Deep Learning.基于深度学习的物联网网络入侵检测的多层分类方法。
Sensors (Basel). 2021 Apr 24;21(9):2987. doi: 10.3390/s21092987.
8
Deep Stacking Network for Intrusion Detection.深度堆叠网络入侵检测。
Sensors (Basel). 2021 Dec 22;22(1):25. doi: 10.3390/s22010025.
9
Malicious Network Traffic Detection Based on Deep Neural Networks and Association Analysis.基于深度神经网络和关联分析的恶意网络流量检测。
Sensors (Basel). 2020 Mar 6;20(5):1452. doi: 10.3390/s20051452.
10
A Hybrid Spectral Clustering and Deep Neural Network Ensemble Algorithm for Intrusion Detection in Sensor Networks.一种用于传感器网络入侵检测的混合谱聚类与深度神经网络集成算法
Sensors (Basel). 2016 Oct 13;16(10):1701. doi: 10.3390/s16101701.

引用本文的文献

1
Intrusion Detection Model for Industrial Internet of Things Based on Improved Autoencoder.基于改进型自动编码器的工业物联网入侵检测模型。
Comput Intell Neurosci. 2022 May 27;2022:1406214. doi: 10.1155/2022/1406214. eCollection 2022.
2
Modeling of a Novel Coaxial Ducted Fan Aerial Robot Combined with Corner Environment by Using Artificial Neural Network.基于人工神经网络的新型共轴涵道风扇空中机器人拐角环境建模。
Sensors (Basel). 2020 Oct 14;20(20):5805. doi: 10.3390/s20205805.

本文引用的文献

1
Interpretable deep neural networks for single-trial EEG classification.用于单次试验脑电图分类的可解释深度神经网络。
J Neurosci Methods. 2016 Dec 1;274:141-145. doi: 10.1016/j.jneumeth.2016.10.008. Epub 2016 Oct 13.
2
On Pixel-Wise Explanations for Non-Linear Classifier Decisions by Layer-Wise Relevance Propagation.关于通过逐层相关性传播对非线性分类器决策进行逐像素解释
PLoS One. 2015 Jul 10;10(7):e0130140. doi: 10.1371/journal.pone.0130140. eCollection 2015.