| 基于灰狼算法和案例推理的工控系统入侵检测 |
| |
| 引用本文: | 於帮兵,王华忠,颜秉勇.基于灰狼算法和案例推理的工控系统入侵检测[J].医学教育探索,2018,44(2):239-245. |
| |
| 作者姓名: | 於帮兵 王华忠 颜秉勇 |
| |
| 作者单位: | 华东理工大学化工过程先进控制和优化技术教育部重点实验室, 上海 200237,华东理工大学化工过程先进控制和优化技术教育部重点实验室, 上海 200237,华东理工大学化工过程先进控制和优化技术教育部重点实验室, 上海 200237 |
| |
| 基金项目: | 国家自然科学基金青年基金(51407078) |
| |
| 摘 要: | 提出了一种基于二进制灰狼算法和邻域粗糙集的案例推理分类算法(bGWO-NRS-CBR),以有效处理工控网络数据样本高维、冗余的问题。首先,将邻域粗糙集(NRS)中的依赖度概念和属性个数作为二进制灰狼优化算法(bGWO)的适应度函数,通过狼群不断更新位置寻找最小相对属性集;然后基于属性重要度对权重进行优化分配从而建立案例推理(CBR)分类模型;最后利用该模型对工控网络标准数据集进行入侵检测研究。实验结果表明,本文算法能够获得最小相对属性子集,并有效提高入侵检测算法的准确度和效率。
|
| 关 键 词: | 邻域粗糙集 二进制灰狼算法 案例推理 属性约简 入侵检测 |
| 收稿时间: | 2017/3/13 0:00:00 |
Intrusion Detection of Industrial Control System Based on Grey Wolf Algorithm and Case-Based Reasoning |
| |
| YU Bang-bing,WANG Hua-zhong and YAN Bing-yong.Intrusion Detection of Industrial Control System Based on Grey Wolf Algorithm and Case-Based Reasoning[J].Researches in Medical Education,2018,44(2):239-245. |
| |
| Authors: | YU Bang-bing WANG Hua-zhong and YAN Bing-yong |
| |
| Institution: | Key Laboratory of Advanced Control and Optimization for Chemical Processes, Ministry of Education, East China University of Science and Technology, Shanghai 200237, China,Key Laboratory of Advanced Control and Optimization for Chemical Processes, Ministry of Education, East China University of Science and Technology, Shanghai 200237, China and Key Laboratory of Advanced Control and Optimization for Chemical Processes, Ministry of Education, East China University of Science and Technology, Shanghai 200237, China |
| |
| Abstract: | By integrating binary gray wolf algorithm and neighborhood rough set, this paper proposes a case-based reasoning algorithm (bGWO-NRS-CBR) to handle high dimensionality and redundancy of industrial control network data samples. The rough set is usually used for dimensionality reduction of data set so as to effectively delete redundant attributes and the gray wolf algorithm is a new type of optimization algorithm that can quickly obtain the relative optimal value in the search space. In the proposed bGWO-NRS-CBR algorithm, both the dependency concept of neighborhood rough set and the number of attributes are taken as the fitness functions of the binary grey wolf algorithm, which is further utilized to find the minimum relative attribute subset by constantly updating the position of wolf population. And then, the attribute significance is used to re-optimize and assign the weights for constructing the case-based reasoning classifier, by which the attack detection on industrial control network data samples will be undergone. The procedure of the attack detection includes four stages, i.e., retrieve, revise, reuse and retain. The k-nearest neighbor is used for case retrieve, in which the attribute weights are allocated based on attribute significance. Finally, the proposed algorithm is tested via the intrusion detection on the standard data set of industrial control system and the comparison with other traditional machine learning algorithms to the standard data set is also made, which verifies the advantages of the proposed attribute reduction algorithm and the classification algorithm in this paper. Moreover, the superiority of binary gray wolf algorithm and neighborhood rough set is confirmed by the classification accuracy and classification time of the unreduced and reduced experiments, and the superiority of case-based reasoning based on attribute significance is confirmed by comparative experiments of various optimization algorithms. These experimental results show that not only the minimum relative attribute subset is obtained but also the accuracy and efficiency of industrial intrusion detection are improved. The best classification time is only 29 s and the best classification accuracy is 97.4% by combining reduction algorithm and classification algorithm. |
| |
| Keywords: | neighborhood rough set binary grey wolf algorithm CBR feature selection intrusion detection |
|
| 点击此处可从《医学教育探索》浏览原始摘要信息 |
| 点击此处可从《医学教育探索》下载免费的PDF全文 |
|
