In view of the increasingly prominent information security risks faced by the urban rail train control system,an artificial immune system-based situation assessment(AIS-SA)method is proposed.Combined with the data characteristics of urban rail train control system,the mature mechanism of the detector and the cyber attack detection method are designed to sense the cyber attacks suffered by the urban rail train control system in real time.The mechanism of detector cloning and mutation is designed to further enrich the detector population and improve the ability of urban rail train control system to perceive cyber attacks.The simulation experiments simulate that the urban rail train control system is subjected to different intensity of identity authentication Dos attacks and TCP SYN Flood attacks.AIS-SA method is used to perceive the cyber attacks and quantify the security situation of the system in real time.The results show that AIS-SA method has a strong ability to perceive cyber attacks.When the detector evolves for 25 generations,the detection rate of identity authentication Dos attack is 96.81%,the false alarm rate is 0.25%,and the detection rate of TCP SYN Flood attack is 98.46%,and the false alarm rate is 1.32%.Compared with other methods,AIS-SA method has both high detection rates and low false positive rates.In addition,AIS-SA method can characterize the security situation of the urban rail train control system under different attack intensity.When the intensity of attack increases,the real time situation quantification value increases,and vice versa.Simulation results verify the effectiveness and accuracy of AIS-SA method.
关键词
城轨/列控系统/信息安全/态势评估/人工免疫/检测器
Key words
Urban rail/Train control system/Information security/Situation assessment/Artificial immunity system/Detector
维普
万方数据