期刊文献+

基于时间序列分析的工业控制以太网流量异常检测 被引量:6

Anomaly Detection Scheme Using Time Series Analysis for Industrial Control Systems
下载PDF
导出
摘要 为提高工业网络中异常流量的检测精度,提出了基于结构时间序列分析的流量异常检测方案,将工业以太网流量分解成不同组分,并辅以状态空间模型,将复杂的网络流量进行分层建模,从而有效提高了工业网络异常流量检测精度,降低了误报率.与传统的X-12结构时间序列分析法相比,其平均精度上升38%,所以本文方法对于异常检测系统的效率改善明显. To improve the detecting accuracy of malicious traffic in industrial control systems ( ICS) , an innovative approach based on structural time series model is proposed. Industrial Ethernet traffic can be decomposed into four components. Each component is established by a state space model respectively, which brings out high fitting precision. Therefore compared with X-12, the average positive rate of this method increases by 38%. In the meanwhile, this method provides a way to decrease false positive rate and time complexity.
作者 赖英旭 焦娇
出处 《北京工业大学学报》 CAS CSCD 北大核心 2015年第2期200-206,共7页 Journal of Beijing University of Technology
基金 北京市高等学校人才强教深化计划资助项目(PHR201108016) 可信计算北京市重点实验室开放基金资助项目
关键词 工业控制系统 工业以太网流量 结构时间序列模型 状态空间模型 industrial control systems industrial Ethernet traffic structural time series model state space model
  • 相关文献

参考文献11

  • 1SOOYEON S, TAEKYOUNG K, JO Gil-yong, et al. An experimental study of hierarchical intrusion detection for wireless industrial sensor networks [ J]. IEEE Transaction on Industrial Informatics, 2012, 6(4) : 744-757.
  • 2RICK A J, BARRY H. A system-aware cyber security architecture[ J ]. Systems Engineering, 2012, 15 (2) :225-240.
  • 3刘芳,毛志忠,李磊.基于模糊自回归隐马尔可夫模型的控制过程异常数据检测[J].仪器仪表学报,2010,31(5):984-990. 被引量:8
  • 4CHIARA B, MIGUEL Sanz-bobi. Auto-regressive processes explained by self-organized maps: application to the detection of abnormal behavior in industrial processes [J]. IEEE Transactions on Neural Networks, 2011, 22 (12) : 2078-2090.
  • 5MIN W, KEECHEON K. Intrusion detection scheme using traffic prediction for wireless industrial networks [ J ]. Journal of Communications and Networks, 2012, 14 ( 3 ) : 310-318.
  • 6侯重远,江汉红,芮万智,刘亮.工业网络流量异常检测的概率主成分分析法[J].西安交通大学学报,2012,46(2):70-75. 被引量:22
  • 7陈飞,高铁梅.结构时间序列模型在季节调整方面的应用——与X-12季节调整方法的比较分析[J].系统工程理论与实践,2007,27(11):7-14. 被引量:19
  • 8FARZANEH K, DEREK W M, AMIR K K. Wireless data traffic estimation using a state-space model [ J ]. IEEE Transactions on Vehicular Technology, 2008, 57 (6) : 3885 -3890.
  • 9NICOLAS F, LIAM O M, ERIC C. W32. Stuxnet dossier [ EB/OL]. [ 2011-02-11 ]. http : ff www. symanrec, com/ content/en/us/enterprise/media/security _ response/whi- tepapers/w32_stuxnet_dossier, pdf.
  • 10ALEKSANDR M, EUGENE R, DAVID H, et al. Stuxnet under the microscope[ EB/OL]. [ 2010-7-19 ]. http:// www. eset. com/resources/white-papers/Stuxnet-Under- the-Microscope, pdf.

二级参考文献37

  • 1陈飞,高铁梅.结构时间序列模型在经济预测方面的应用研究[J].数量经济技术经济研究,2005,22(2):95-103. 被引量:28
  • 2GRUBBS F E. Procedures for detecting outlying observations in samples[ J]. Technometrics, 1969,11 ( 1 ) : 1-21.
  • 3HAWKINS DOUGLAS M. Identification of outlier[ M]. London: Chapman and Hall, 1980: 128-135.
  • 4KNORR E M, NG R T. Finding intentional knowledge of distance-based outliers[ C]. Proceedings of the 25th international Conference on Very Large Data Bases, San Francisco, CA. USA, 1999:211-222.
  • 5KNORR E M, NG R G. Algorithms for mining distance- based outliers in large data sets [ C ]. Proceeding of the 24rd International Conference on Very Large Data Bases, San Francisco, CA. USA, 1998:392-403.
  • 6RAMASWAMY S, RASTOGI R, SHIM K. Efficient algorithms for mining outliers from large data sets[ J ]. Proceedings of the ACM SIGMOD, 2000,29 (2) :427-438.
  • 7BARNET V, LEWIS T. Outlier in statistical data[ M]. John Wiley & Sons Chichester, 1994.
  • 8MARKOS, MARKOU, SINGH S. Novelty detection: a review-part 2: neural network based approaches [ J ]. Signal Processing, 2003,83 (12) :2499-2521.
  • 9CASSIDY M J, BROWN P. Hidden markov based autoregressive analysis of stationary and nonstationary electrophysiological signals for functional coupling studies [J]. Journal of neuroscience Methods, 2002,116 ( 1 ) : 35-53.
  • 10RABINER L R. A tutorial on hidden markov models and selected applications in speech recognition[ J ]. Proceedings of the IEEE, 1989,77(2) :257-286.

共引文献46

同被引文献49

引证文献6

二级引证文献56

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部