• 文献检索
  • 文档翻译
  • 深度研究
  • 学术资讯
  • Suppr Zotero 插件Zotero 插件
  • 邀请有礼
  • 套餐&价格
  • 历史记录
应用&插件
Suppr Zotero 插件Zotero 插件浏览器插件Mac 客户端Windows 客户端微信小程序
定价
高级版会员购买积分包购买API积分包
服务
文献检索文档翻译深度研究API 文档MCP 服务
关于我们
关于 Suppr公司介绍联系我们用户协议隐私条款
关注我们

Suppr 超能文献

核心技术专利:CN118964589B侵权必究
粤ICP备2023148730 号-1Suppr @ 2026

文献检索

告别复杂PubMed语法,用中文像聊天一样搜索,搜遍4000万医学文献。AI智能推荐,让科研检索更轻松。

立即免费搜索

文件翻译

保留排版,准确专业,支持PDF/Word/PPT等文件格式,支持 12+语言互译。

免费翻译文档

深度研究

AI帮你快速写综述,25分钟生成高质量综述,智能提取关键信息,辅助科研写作。

立即免费体验

基于变分自编码器的轻量级无监督入侵检测模型

A Lightweight Unsupervised Intrusion Detection Model Based on Variational Auto-Encoder.

作者信息

Ren Yi, Feng Kanghui, Hu Fei, Chen Liangyin, Chen Yanru

机构信息

School of Computer Science, Sichuan University, Chengdu 610065, China.

Institute for Industrial Internet Research, Sichuan University, Chengdu 610065, China.

出版信息

Sensors (Basel). 2023 Oct 12;23(20):8407. doi: 10.3390/s23208407.

DOI:10.3390/s23208407
PMID:37896500
原文链接:https://pmc.ncbi.nlm.nih.gov/articles/PMC10611103/
Abstract

With the gradual integration of internet technology and the industrial control field, industrial control systems (ICSs) have begun to access public networks on a large scale. Attackers use these public network interfaces to launch frequent invasions of industrial control systems, thus resulting in equipment failure and downtime, production data leakage, and other serious harm. To ensure security, ICSs urgently need a mature intrusion detection mechanism. Most of the existing research on intrusion detection in ICSs focuses on improving the accuracy of intrusion detection, thereby ignoring the problem of limited equipment resources in industrial control environments, which makes it difficult to apply excellent intrusion detection algorithms in practice. In this study, we first use the spectral residual (SR) algorithm to process the data; we then propose the improved lightweight variational autoencoder (LVA) with autoregression to reconstruct the data, and we finally perform anomaly determination based on the permutation entropy (PE) algorithm. We construct a lightweight unsupervised intrusion detection model named LVA-SP. The model as a whole adopts a lightweight design with a simpler network structure and fewer parameters, which achieves a balance between the detection accuracy and the system resource overhead. Experimental results on the ICSs dataset show that our proposed LVA-SP model achieved an F1-score of 84.81% and has advantages in terms of time and memory overhead.

摘要

随着互联网技术与工业控制领域的逐步融合,工业控制系统(ICS)已开始大规模接入公共网络。攻击者利用这些公共网络接口频繁入侵工业控制系统,从而导致设备故障和停机、生产数据泄露等严重危害。为确保安全,工业控制系统迫切需要一种成熟的入侵检测机制。现有的大多数关于工业控制系统入侵检测的研究都集中在提高入侵检测的准确性上,从而忽略了工业控制环境中设备资源有限的问题,这使得优秀的入侵检测算法在实际中难以应用。在本研究中,我们首先使用频谱残差(SR)算法处理数据;然后提出带有自回归的改进型轻量级变分自编码器(LVA)来重构数据,最后基于排列熵(PE)算法进行异常判定。我们构建了一个名为LVA-SP的轻量级无监督入侵检测模型。该模型整体采用轻量级设计,网络结构更简单,参数更少,在检测准确率和系统资源开销之间实现了平衡。在工业控制系统数据集上的实验结果表明,我们提出的LVA-SP模型的F1分数达到了84.81%,并且在时间和内存开销方面具有优势。

https://cdn.ncbi.nlm.nih.gov/pmc/blobs/af30/10611103/0980064f5e62/sensors-23-08407-g015.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/af30/10611103/7c3a2f60fdc6/sensors-23-08407-g001.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/af30/10611103/5f5dcf4c19b3/sensors-23-08407-g002.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/af30/10611103/2f1c10eb06bc/sensors-23-08407-g003.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/af30/10611103/c1f4dda57570/sensors-23-08407-g004.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/af30/10611103/8956f32dc185/sensors-23-08407-g005.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/af30/10611103/03002e7fac06/sensors-23-08407-g006.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/af30/10611103/30d40648003b/sensors-23-08407-g007.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/af30/10611103/97049faffb52/sensors-23-08407-g008.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/af30/10611103/4bdd5cd75b72/sensors-23-08407-g009.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/af30/10611103/c363540047c2/sensors-23-08407-g010.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/af30/10611103/7957e4a80233/sensors-23-08407-g011.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/af30/10611103/f34b06cc9303/sensors-23-08407-g012.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/af30/10611103/521a15916674/sensors-23-08407-g013.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/af30/10611103/fab518facafb/sensors-23-08407-g014.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/af30/10611103/0980064f5e62/sensors-23-08407-g015.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/af30/10611103/7c3a2f60fdc6/sensors-23-08407-g001.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/af30/10611103/5f5dcf4c19b3/sensors-23-08407-g002.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/af30/10611103/2f1c10eb06bc/sensors-23-08407-g003.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/af30/10611103/c1f4dda57570/sensors-23-08407-g004.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/af30/10611103/8956f32dc185/sensors-23-08407-g005.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/af30/10611103/03002e7fac06/sensors-23-08407-g006.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/af30/10611103/30d40648003b/sensors-23-08407-g007.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/af30/10611103/97049faffb52/sensors-23-08407-g008.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/af30/10611103/4bdd5cd75b72/sensors-23-08407-g009.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/af30/10611103/c363540047c2/sensors-23-08407-g010.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/af30/10611103/7957e4a80233/sensors-23-08407-g011.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/af30/10611103/f34b06cc9303/sensors-23-08407-g012.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/af30/10611103/521a15916674/sensors-23-08407-g013.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/af30/10611103/fab518facafb/sensors-23-08407-g014.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/af30/10611103/0980064f5e62/sensors-23-08407-g015.jpg

相似文献

1
A Lightweight Unsupervised Intrusion Detection Model Based on Variational Auto-Encoder.基于变分自编码器的轻量级无监督入侵检测模型
Sensors (Basel). 2023 Oct 12;23(20):8407. doi: 10.3390/s23208407.
2
Lightweight Long Short-Term Memory Variational Auto-Encoder for Multivariate Time Series Anomaly Detection in Industrial Control Systems.轻量级长短时记忆变分自编码器在工业控制系统中多元时间序列异常检测中的应用
Sensors (Basel). 2022 Apr 9;22(8):2886. doi: 10.3390/s22082886.
3
Towards an Effective Intrusion Detection Model Using Focal Loss Variational Autoencoder for Internet of Things (IoT).基于焦点损失变分自动编码器的物联网(IoT)有效入侵检测模型。
Sensors (Basel). 2022 Aug 4;22(15):5822. doi: 10.3390/s22155822.
4
Conditional Variational Autoencoder for Prediction and Feature Recovery Applied to Intrusion Detection in IoT.用于预测和特征恢复的条件变分自编码器在物联网入侵检测中的应用
Sensors (Basel). 2017 Aug 26;17(9):1967. doi: 10.3390/s17091967.
5
Improving the Classification Effectiveness of Intrusion Detection by Using Improved Conditional Variational AutoEncoder and Deep Neural Network.使用改进的条件变分自编码器和深度神经网络提高入侵检测的分类有效性
Sensors (Basel). 2019 Jun 2;19(11):2528. doi: 10.3390/s19112528.
6
Intrusion Detection Model for Industrial Internet of Things Based on Improved Autoencoder.基于改进型自动编码器的工业物联网入侵检测模型。
Comput Intell Neurosci. 2022 May 27;2022:1406214. doi: 10.1155/2022/1406214. eCollection 2022.
7
Multi-Channel Multi-Scale Convolution Attention Variational Autoencoder (MCA-VAE): An Interpretable Anomaly Detection Algorithm Based on Variational Autoencoder.多通道多尺度卷积注意力变分自编码器(MCA-VAE):一种基于变分自编码器的可解释异常检测算法。
Sensors (Basel). 2024 Aug 16;24(16):5316. doi: 10.3390/s24165316.
8
A Hybrid Framework for Intrusion Detection in Healthcare Systems Using Deep Learning.基于深度学习的医疗系统入侵检测混合框架。
Front Public Health. 2022 Jan 12;9:824898. doi: 10.3389/fpubh.2021.824898. eCollection 2021.
9
A Diffusion Model Based on Network Intrusion Detection Method for Industrial Cyber-Physical Systems.基于扩散模型的工业网络物理系统入侵检测方法。
Sensors (Basel). 2023 Jan 19;23(3):1141. doi: 10.3390/s23031141.
10
Intrusion Detection in IoT Using Deep Learning.物联网中的深度学习入侵检测。
Sensors (Basel). 2022 Nov 2;22(21):8417. doi: 10.3390/s22218417.

引用本文的文献

1
EM-AUC: A Novel Algorithm for Evaluating Anomaly Based Network Intrusion Detection Systems.EM-AUC:一种用于评估基于异常的网络入侵检测系统的新算法。
Sensors (Basel). 2024 Dec 26;25(1):78. doi: 10.3390/s25010078.
2
Methodology for the Detection of Contaminated Training Datasets for Machine Learning-Based Network Intrusion-Detection Systems.用于基于机器学习的网络入侵检测系统的受污染训练数据集检测方法。
Sensors (Basel). 2024 Jan 12;24(2):479. doi: 10.3390/s24020479.

本文引用的文献

1
Lightweight Long Short-Term Memory Variational Auto-Encoder for Multivariate Time Series Anomaly Detection in Industrial Control Systems.轻量级长短时记忆变分自编码器在工业控制系统中多元时间序列异常检测中的应用
Sensors (Basel). 2022 Apr 9;22(8):2886. doi: 10.3390/s22082886.
2
A Review of Recurrent Neural Networks: LSTM Cells and Network Architectures.递归神经网络综述:长短期记忆细胞和网络架构。
Neural Comput. 2019 Jul;31(7):1235-1270. doi: 10.1162/neco_a_01199. Epub 2019 May 21.
3
Permutation entropy: a natural complexity measure for time series.
排列熵:一种用于时间序列的自然复杂性度量。
Phys Rev Lett. 2002 Apr 29;88(17):174102. doi: 10.1103/PhysRevLett.88.174102. Epub 2002 Apr 11.