Industrial control system intrusion detection method based on small sample learning
A technology for industrial control systems and intrusion detection, applied in neural learning methods, transmission systems, machine learning, etc., can solve problems such as samples that cannot distinguish new types of attacks, complex structures, and difficulty in detecting attack types
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
Method used
Image
Examples
Example Embodiment
[0083] Example 1:
[0084] The present invention is an industrial control system designed small sample learning based intrusion detection method, comprising the steps of:
[0085] Three different types of sample into 1) the data set is divided, from industrial control systems to extract data traffic to the original data set to detect a model train set and the base model train sets, three different types of samples were normal samples, common assault samples and samples of new attacks;
[0086] 2) continuous data processing, the use of principal component analysis (Principal Component Analysis, PCA) model based on the training set, the model training set is detected Data samples Dimensional concrete characteristics of data matrix Detecence;
[0087] 3) Discrete data processing, using a single-hot encoding method for the basic model training set, detection model training set Data sample Data matrix composed of scattered characteristics Treatment;
[0088] 4) After the small sam...
Example Embodiment
[0092] Example 2:
[0093] This embodiment is further optimized on the basis of the above embodiment, and will not be described herein with the foregoing technical scheme, further, in particular, the present invention is preferred, and the following arrangement is specifically described. To: will include a large number of normal types of normal types, at least three common attack samples for common attack types and New attack samples for new attack types ( The original data set of three different types of samples is divided into the detection model training set and the basic model training set as follows:
[0094] 1.1) From the normal sample, some common attack samples to be detected are separately extracted Sample, with A new attack sample composition detection model training set;
[0095] 1.2) Composition of the remaining normal samples and common attack samples of the common attack types.
Example Embodiment
[0096] Example 3:
[0097] The present embodiment is further optimized based on any of the above embodiments, and will not be described herein herein, and further refer to the present invention, in particular, in particular, the following arrangement mode: The step 2 The specific steps are:
[0098] 2.1) Use the Z-Score standardization method to the basic model training set, detection model training set Data sample Dimensional characteristic data matrix Preprocessing, data matrix B The column data Data Based on (1) :
[0099] (1),
[0100] in, , Representative The average and standard deviation of column data;
[0101] 2.2) After pretreatment, the data matrix is calculated according to (2). Optimal feature matrix :
[0102] (2),
[0103] in, Data matrix Feature matrix, its dimension , Data matrix Co-difference matrix, its dimension is ;
[0104] 2.3) According to the (3) Dimensional data matrix Drop Dimensional :
[0105] (3),
[0106] in, Matrix by...
PUM
Abstract
Description
Claims
Application Information
- R&D Engineer
- R&D Manager
- IP Professional
- Industry Leading Data Capabilities
- Powerful AI technology
- Patent DNA Extraction
Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.
© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap