Issue | JNWPU, Volume 38, Number 1, February 2020
---|---
Page(s) | 199 - 208
DOI | https://doi.org/10.1051/jnwpu/20203810199
Published online | 12 May 2020
Dataflow Feature Analysis for Industrial Networks Communication Security
Chinese title, translated: Data Flow Feature Analysis for Industrial Network Communication Security
1 School of Automation, Northwestern Polytechnical University, Xi'an 710072, China
2 Shaanxi SecureCon Technologies, Co. Ltd, Xi'an 710072, China
3 Chengdu Westone Information Industry INC, Chengdu 610000, China
Received: 19 March 2019
Autonomous security situation awareness for industrial network communication has been a critical subject in industrial network security analysis. In this paper, a CNN-based feature mining method for network communication dataflow is proposed for intrusion detection in industrial networks and for extracting security situation awareness. Specifically, a normalization technique that unifies different sorts of network dataflow features was designed for dataflow feature fusion in the proposed feature mining method. The proposed methods were used to detect the security situation of traditional IT networks and industrial control networks. Experimental results showed that the proposed feature analysis method had good transferability across the two kinds of network data, and that the accuracy rate of network anomaly detection was ideal and had higher stability.
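Abstract (translated from the Chinese)
Autonomous, in-depth analysis of the communication security situation of industrial networks is an important topic in industrial internet security research. To analyze the security situation of the industrial internet, communication data features are mined and network intrusions are detected on the basis of an in-depth analysis of network communication dataflow features. Given the differences in network flow features, the idea of transferring dataflow feature knowledge from traditional communication networks to industrial networks is proposed, and a convolutional neural network is used to normalize the network flow features and achieve network security anomaly detection. Experiments show that the proposed feature analysis technique transfers well between the two kinds of network data, that the accuracy of industrial network anomaly detection is above 93%, and that its stability is within a variance of 0.29%.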
Key words: industrial network security / data flow knowledge transfer / normalization / network anomaly detection
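Key words (translated from the Chinese): industrial control network security / dataflow knowledge transfer / normalization / network anomaly detection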
© 2020 Journal of Northwestern Polytechnical University. All rights reserved.
This is an Open Access article distributed under the terms of the Creative Commons Attribution License (http://creativecommons.org/licenses/by/4.0), which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.