Qingdao Innovation and Development Base, Harbin Engineering University, Qingdao 266000, China.
Ship Science and Technology Co., Ltd., Harbin Engineering University, Qingdao 266000, China.
Sensors (Basel). 2023 Jan 19;23(3):1141. doi: 10.3390/s23031141.
Industrial Cyber-Physical Systems (ICPS) connect intelligent manufacturing equipment equipped with sensors, wireless and RFID communication technologies through data interaction, which makes the interior of the factory, even between factories, become a whole. However, intelligent factories will suffer information leakage and equipment damage when being attacked by ICPS intrusion. Therefore, the network security of ICPS cannot be ignored, and researchers have conducted in-depth research on network intrusion detection for ICPS. Though machine learning and deep learning methods are often used for network intrusion detection, the problem of data imbalance can cause the model to pay attention to the misclassification cost of the prevalent class, but ignore that of the rare class, which seriously affects the classification performance of network intrusion detection models. Considering the powerful generative power of the diffusion model, we propose an ICPS Intrusion Detection system based on the Diffusion model (IDD). Firstly, data corresponding to the rare class is generated by the diffusion model, which makes the training dataset of different classes balanced. Then, the improved BiLSTM classification network is trained on the balanced training set. Extensive experiments are conducted to show that the IDD method outperforms the existing baseline method on several available datasets.
工业网络物理系统 (ICPS) 通过数据交互将配备传感器、无线和 RFID 通信技术的智能制造设备连接起来,使得工厂内部甚至工厂之间成为一个整体。然而,智能工厂在受到 ICPS 入侵攻击时会遭受信息泄露和设备损坏。因此,ICPS 的网络安全不容忽视,研究人员已经对 ICPS 的网络入侵检测进行了深入研究。虽然机器学习和深度学习方法常用于网络入侵检测,但数据不平衡问题可能导致模型更关注常见类别的误分类成本,而忽略稀有类别的误分类成本,这严重影响了网络入侵检测模型的分类性能。考虑到扩散模型强大的生成能力,我们提出了一种基于扩散模型的 ICPS 入侵检测系统(IDD)。首先,通过扩散模型生成稀有类别的数据,使不同类别的训练数据集达到平衡。然后,在平衡的训练集上训练改进的 BiLSTM 分类网络。实验结果表明,在几个可用数据集上,IDD 方法优于现有的基线方法。
