Analysis And Research Of Power Industrial Control Network Attack Based On DQN

As the country’s basic industry.power supply and security are not only related to national security strategies but also affect economic and social development.As an important part of electric power,industrial control system is very important in all aspects of safety.On the network side,ideally we want it to be stable and reliable.Because of the interconnectedness of the network,the network is vulnerable to attack.Although the original detection system can combine intrusion warning and security response well,with the continuous development of technology,attacks have become more common and difficult to detect.Among them,escape technology is the representative of this type of technology.Modify network data flow to avoid detection by intrusion detection systems.The work done in this paper is to first analyze the shortcomings of IDS based on the characteristics of the electric industrial control network based on the original intrusion detection system(IDS).The original intrusion detection is divided into abuse and anomaly detection if it is assigned according to the detection principle.The former can only detect known intrusions and cannot do anything with unknown ones,so the false negative rate is relatively high.The latter is applied to models where there are no abnormalities in the network and the system.However,because the thresholds for normal connections and intrusions cannot be determined.false positives and false negatives are relatively common.Then analyze the characteristics of the industrial control network.On the one hand because the industrial control network is isolated,the feature database cannot be updated frequently,resulting in a relatively high rate of false negatives.On the other hand due to the relatively high number of false positives and false positives based on anomaly detection and direct deployment into the network environment,it may affect the stability and real-time performance of industrial control networks.In order to solve the above problems,this article uses the DQN algorithm to improve the original IDS system.First,the principle of bypass deployment is adopted to solve the problem that the system may affect the stability of the industrial control network.Secondly,the convolutional neural network is combined with Q-learning to generate a DQN algorithm.It uses its self-learning,exploration,and utilization features to realize real-time automatic detection.alarm.and unknown attacks on intrusions in the network Effective detection can also be achieved.This article starts with research on reinforcement learning and deep learning.studies the deep reinforcement learning algorithm DQN that combines convolutional neural networks and reinforcement learning decision-making processes,and applies it to network anomaly detection systems to detect network intrusion behaviors.Set up an experimental environment platform,use a large number of data sets to train the system,and repeatedly adjust the parameters by repeatedly adjusting the parameters.Test the model and analyze the obtained visualization results in detail to verify its feasibility.