IDEAS home Printed from https://ideas.repec.org/a/gam/jmathe/v10y2022i16p2872-d885960.html
   My bibliography  Save this article

Unknown Security Attack Detection of Industrial Control System by Deep Learning

Author

Listed:
  • Jie Wang

    (School of Software Technology, Dalian University of Technology, Dalian 116620, China)

  • Pengfei Li

    (School of Software Technology, Dalian University of Technology, Dalian 116620, China)

  • Weiqiang Kong

    (School of Software Technology, Dalian University of Technology, Dalian 116620, China)

  • Ran An

    (School of Software Technology, Dalian University of Technology, Dalian 116620, China)

Abstract

With the rapid development of network technologies, the network security of industrial control systems has aroused widespread concern. As a defense mechanism, an ideal intrusion detection system (IDS) can effectively detect abnormal behaviors in a system without affecting the performance of the industrial control system (ICS). Many deep learning methods are used to build an IDS, which rely on massive numbers of variously labeled samples for model training. However, network traffic is imbalanced, and it is difficult for researchers to obtain sufficient attack samples. In addition, the attack variants are rich, and constructing all possible attack types in advance is impossible. In order to overcome these challenges and improve the performance of an IDS, this paper presents a novel intrusion detection approach which integrates a one-dimensional convolutional autoencoder (1DCAE) and support vector data description (SVDD) for the first time. For the two-stage training process, 1DCAE fails to retain the key features of intrusion detection and SVDD has to add restrictions, so a joint optimization solution is introduced. A three-stage optimization process is proposed to obtain better performance. Experiments on the benchmark intrusion detection dataset NSL-KDD show that the proposed method can effectively detect various unknown attacks, learning with only normal traffic. Compared with the recent state-of-art intrusion detection baselines, the proposed method is improved in most metrics.

Suggested Citation

  • Jie Wang & Pengfei Li & Weiqiang Kong & Ran An, 2022. "Unknown Security Attack Detection of Industrial Control System by Deep Learning," Mathematics, MDPI, vol. 10(16), pages 1-17, August.
  • Handle: RePEc:gam:jmathe:v:10:y:2022:i:16:p:2872-:d:885960
    as

    Download full text from publisher

    File URL: https://www.mdpi.com/2227-7390/10/16/2872/pdf
    Download Restriction: no

    File URL: https://www.mdpi.com/2227-7390/10/16/2872/
    Download Restriction: no
    ---><---

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:gam:jmathe:v:10:y:2022:i:16:p:2872-:d:885960. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    We have no bibliographic references for this item. You can help adding them by using this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: MDPI Indexing Manager (email available below). General contact details of provider: https://www.mdpi.com .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.