摘要
随着电力工控系统内负荷终端的大量部署,系统遭受网络入侵的风险将极大提高。在将网络入侵检测技术应用于电力工控系统时,已开发的检测模型往往无法取得理想效果,而训练新的模型又将面临安全、隐私等原因造成的数据采集困难。因此,研究一种基于特征抽取的入侵检测方法,该方法通过堆叠稀疏自编码器结构提取抽象特征,以SVM(支持向量机)分类器为输出层实现入侵检测。在模型训练过程中引入迁移学习策略进行优化,经算例验证该方法能有效提升模型面向有限数量目标域内数据的检测效果和训练效率。
With the large number of load terminals in the electric power industrial system, the risk of intrusion will be greatly increased. When applying network intrusion detection technology to the system, the developed detection model cannot achieve good results, and training a new model will face data collection difficulty caused by security and privacy. On the basis of this, this paper proposes a network intrusion detection method based on feature extraction, which extracted abstract features by the structure of stacked sparse autoencoders and implements intrusion detection with an SVM classifier as the output layer. Also, this paper improves the training process based on the transfer learning strategy, and the example verifies that the method can effectively improve the performance of intrusion detection and training efficiency with limited number of practical data in target domain of electric power industrial system.
作者
庄卫金
方国权
张廷忠
陈中
ZHUANG Weijin;FANG Guoquan;ZHANG Tingzhong;CHEN Zhong(China Electric Power Research Institute,Nanjing 210003,China;State Grid Jiangsu Electric Power Co.,Ltd.Maintenance Branch Company,Nanjing 211106,China;State Grid Shandong Electric Power Company Weifang Power Supply Company,Weifang Shandong 261041,China;School of Electrical Engineering,Southeast University,Nanjing 210096,China)
出处
《浙江电力》
2021年第9期85-91,共7页
Zhejiang Electric Power
基金
国家重点研发计划项目(2017YFB0902600)
国家电网有限公司科技项目(SGJS0000DKJS1700840)。
关键词
电力工控系统
入侵检测
特征抽取
迁移学习
堆叠稀疏自编码器
electric power industrial system
intrusion detection
feature extraction
transfer learning
stacked sparse auto-encoder
