Design And Implementation Of Misuse Detection System Based On Dendrite Network

Industrial Control System(ICS)is an important nerve center in the field of Industrial production Control.The ICS network environment has gradually changed from the original closed and isolated environment to the connectivity with the outside world,which makes the ICS security risks become greater.And the industrial control system network security for the identification of attack data has a harsh high precision and low delay requirements,how to quickly identify unknown security events and attack types from the massive industrial control system data under these constraints,has become the focus of research at home and abroad.Dendrite network,a new network proposed in 2020,has the characteristics of high precision,fast training speed and low computing power requirements,making dendrite network very suitable for solving this problem.This paper takes the misuse detection system based on dendrite network as the research object,and combines the integrated learning method based on IC-DD network to carry out in-depth research on the attack type identification of industrial control system.Firstly,Dendrite network is applied to the protection of network security and Industrial control security for the first time in this study.After improving the open source Dendrite network model,an IC-DD(Industrial Control-Dendrite Net)model for Industrial control system security is proposed,which can better simulate the Taylor expansion.Then,the hyperparameters of the network model are tested and adjusted,and the final model achieves high accuracy with very short running time,which fully meets the requirements of low delay and high accuracy for industrial control network security.In order to identify these unknown security events,a threshold algorithm is designed in this paper to solve this problem,and good experimental results are obtained.Secondly,this paper proposes a multi-classification model of IC-DD network based on ensemble learning.Precision for more traditional integration learning classification problem is not the ideal situation,improve the stacking structure of traditional integration method to learn,to integrate the traditional study of meta model improvement for IC-DD network,and the integrated study of various level model predicted results is added to the original data set,so as to further improve the recognition accuracy of classification model.Finally,a dendrite network based industrial control environment misuse detection system is designed,implemented and tested according to the above algorithm model..