造纸科学与技术2024,Vol.43Issue(1) :42-47.DOI:10.19696/j.issn1671-4571.2024.1.009

基于最小二乘支持向量机的造纸工控网络高隐蔽性入侵检测

High Concealment Intrusion Detection in Paper Industry Control Network Based on Least Squares Support Vector Machine

秦宁宁
造纸科学与技术2024,Vol.43Issue(1) :42-47.DOI:10.19696/j.issn1671-4571.2024.1.009
  • NETL
  • NSTL
  • 万方数据

基于最小二乘支持向量机的造纸工控网络高隐蔽性入侵检测

High Concealment Intrusion Detection in Paper Industry Control Network Based on Least Squares Support Vector Machine

秦宁宁1
扫码查看

作者信息

  • 1. 榆林市国家开放大学,陕西榆林,719000
  • 折叠

摘要

造纸工控网络的数据特征具有复杂性和多样性,对于高隐蔽性入侵行为,其特征可能被混杂在正常操作和噪声中,增加了检测的难度.为此,提出基于最小二乘支持向量机的造纸工控网络高隐蔽性入侵检测方法.首先,使用CEEMD算法对网络数据进行分解,得到一系列固有模态分量(IMF),利用排列熵对IMF分量进行分析,确定高噪声IMF分量;使用小波降噪对高噪声IMF分量展开抗干扰处理.然后,使用互信息特征选择方法对抗干扰处理后的入侵数据进行特征提取.最后,将提取到的入侵数据特征作为输入数据,通过最小二乘支持向量机(LS-SVM)建立一个判别函数,该函数根据输入数据的特征值进行分类,并判断网络中是否存在高隐蔽性入侵行为.实验结果表明,所提方法最高入侵检测准确率达到0.98,Kappa统计量最大为0.99,表明所提方法的数据处理效果好、网络入侵检测精度高.

Abstract

The data features of the paper industry control network are complex and diverse,and for highly covert intrusion behaviors,their features may be mixed in normal operation and noise,increasing the difficulty of detection.To this end,a highly covert intrusion detection method for paper industry control networks based on least squares support vector machines is proposed.Firstly,the CEEMD algorithm is used to decompose the network data to obtain a series of intrinsic mode components(IMF).The IMF components are analyzed using permutation entropy to determine the high noise IMF components;Using wavelet denoising to perform anti-interference processing on high noise IMF components.Then,Mutual information Feature selection method is used to extract features from intrusion data after anti-jamming.Finally,the extracted intrusion data features are used as input data,and a discriminant function is established using Least Squares Support Vector Machine(LS-SVM).This function classifies based on the feature values of the input data and determines whether there is a high level of covert intrusion behavior in the network.The experimental results show that the highest intrusion detection accuracy of the proposed method is 0.98,and the maximum Kappa statistic is 0.99,indicating that the proposed method has good data processing performance and high network intrusion detection accuracy.

关键词

网络入侵检测/最小二乘支持向量机/小波阈值降噪/排列熵/互信息特征选择

Key words

network intrusion detection/least squares support vector machine/wavelet threshold denoising/permutation entropy/mutual information feature selection

引用本文复制引用

基金项目

陕西广播电视大学一般科研项目(15D-04-B21)

出版年

2024
造纸科学与技术
广东省造纸学会 广东省造纸研究所

造纸科学与技术

CSTPCD
影响因子:0.269
ISSN:1671-4571
参考文献量18
段落导航相关论文