| One of the most important pillars for guaranteeing general national security is the security of the nation’s electric grid, which is connected to the economy and the livelihoods of the populace. Today’s power industrial control systems are experiencing a significant increase in traffic, the emergence of zero-day attacks, and the prevalence of network-based risks to the security of the power grid. Current intrusion detection techniques for power industrial control increasingly display problems such as poor data feature learning, poor generalization, and poor identification accuracy. To address these issues, this thesis uses the powerful data processing and feature extraction capabilities of deep learning models to investigate traffic intrusion detection techniques for power industrial control systems. First, to overcome the restriction that conventional one-dimensional convolution can only extract single-scale features, and to address the issue of incomplete feature extraction, a multi-scale one-dimensional convolution feature extraction method is proposed that enables multi-scale extraction of dataset features. To address the issue that the internal features of traffic samples are not strongly correlated, a self-attention mechanism is incorporated on the basis of multi-scale one-dimensional convolution, and a multi-scale one-dimensional convolution feature extraction method with a self-attention mechanism is proposed. This method can extract more distinctive features. Second, given the lack of performance in intrusion detection and classification, the feasibility of applying a convolutional neural network to traffic intrusion detection and classification in power industrial control systems is demonstrated. Deep learning technology is fully utilized in classification tasks by using the improved AlexNet network for detection and classification. Given that the shallow machine learning model has better classification ability than the softmax layer of the neural network, this paper proposes a hybrid
detection and classification method based on the AlexNet network and an improved random forest, taking full advantage of the random forest’s classification strengths. The hyperparameters of the random forest classifier are optimized to further improve classification performance. Next, to address the problem that the random forest classifier does not perform optimally with the default hyperparameters, an improved grid search algorithm is proposed to find the optimal random forest classifier hyperparameters, which can significantly improve the random forest classifier. The classifier’s performance improves, as does the speed of hyperparameter optimization. Finally, a traffic intrusion detection model for the power industrial control system is created by combining the hybrid detection and classification method based on the AlexNet network and the improved random forest with the multi-scale one-dimensional convolution feature extraction method integrated with the self-attention mechanism. The model is capable of fully learning the properties of the power industrial control system and, based on the learned traffic characteristics, accurately determining whether there is an intrusion. The methods and models proposed in the preceding study were designed and implemented, and they were validated on the power industrial control dataset. The experimental results show that, compared with the solutions presented in previous work, the feature extraction approach presented in this paper can fully exploit the potential features of the dataset and effectively improve the performance of subsequent detection and classification methods. This paper’s detection and classification method can improve intrusion detection classification performance. The proposed intrusion detection model for power industrial control system traffic is capable of performing the intrusion detection task admirably, and it outperforms existing similar work. |