With the increasingly close connection between industrial control systems and the Internet,the possibility of external intrusion into industrial control systems has increased,and their network security has become increasingly important.In response to the above issues,this paper proposes an IPCA-CIF intrusion detection method based on combined isolated forests.This method introduces information value to achieve feature extraction based on PCA.Secondly,a combined forest intrusion detection method combining isolated forests and extended isolated forests is proposed to perform intrusion detec-tion on dimensionality reduced data.Finally,construct an intrusion detection model for result validation.The experiment shows that the IPCA-CIF model has a detection rate of 0.986 and an F1 score of 0.893 on the SWaT dataset,demonstrat-ing good detection performance.
关键词
工业控制系统/入侵检测/孤立森林/特征提取
Key words
industrial control system/intrusion detection/isolation forest/feature extraction
维普
万方数据