化工学报 ›› 2020, Vol. 71 ›› Issue (3): 1080-1087.doi: 10.11949/0438-1157.20191495

• 过程系统工程 • 上一篇    下一篇

融合灰狼优化算法在工控系统入侵检测中的应用

耿志强1,2(),曾荣甫1,2,徐圆1,2,韩永明1,2(),顾祥柏1,2,3   

  1. 1.北京化工大学信息科学与技术学院,北京 100029
    2.智能过程系统工程教育部工程研究中心,北京 100029
    3.中石化炼化工程(集团)股份有限公司,北京 100029
  • 收稿日期:2019-12-09 修回日期:2019-12-13 出版日期:2020-03-05 发布日期:2019-12-24
  • 通讯作者: 韩永明 E-mail:gengzhiqiang@mail.buct.edu.cn;hym200542029@126.com
  • 作者简介:耿志强gengzhiqiang@mail.buct.edu.cn
  • 基金资助:
    国家重点研发计划项目(2018YFB0803501);国家自然科学基金项目(61673046);中央高校基本科研业务费专项资金(XK1802-4)

Intrusion detection of industrial control system based on grey wolf optimization integrated random black hole

Zhiqiang GENG1,2(),Rongfu ZENG1,2,Yuan XU1,2,Yongming HAN1,2(),Xiangbai GU1,2,3   

  1. 1.College of Information Science and Technology, Beijing University of Chemical Technology, Beijing 100029, China
    2.Engineering Research Center of Intelligent PSE, Ministry of Education of China, Beijing 100029, China
    3.Sinopec Engineering Group Co. , Ltd. , Beijing 100029, China
  • Received:2019-12-09 Revised:2019-12-13 Online:2020-03-05 Published:2019-12-24
  • Contact: Yongming HAN E-mail:gengzhiqiang@mail.buct.edu.cn;hym200542029@126.com

摘要:

针对当前工控系统中数据体量大、维度高的特点,提出了一种融合随机黑洞(random black hole, RBH)策略的灰狼优化(grey wolf optimization integrated random black hole, RBHGWO)算法。该方法在更新下一代灰狼位置时,模拟黑洞的吸引方式,让狼群中的个体能够更快地向着当前全局最优解移动,增强了算法的收敛速度;同时个体以随机策略被黑洞吸引,保持了算法的局部搜索能力。通过优化算法测试函数验证,RBHGWO算法与粒子群优化(particle swarm optimization, PSO)算法、随机黑洞粒子群优化(particle swarm optimization integrated random black hole, RBHPSO)算法、GWO算法和优胜劣汰的灰狼优化(survival of fitness grey wolf optimization, SFGWO)算法进行了实验对比。结果表明,RBHGWO算法具有较快的收敛速度和较好的寻优精度。同时以田纳西-伊斯曼(Tennessee-Eastman, TE)数据集为基础进行仿真实验,结果表明该算法应用于在工控系统入侵检测的特征选择中,其收敛精度、迭代速度以及稳定性都有明显优势。

关键词: 工业控制系统, 入侵检测, 特征选择, 算法, 优化, 模拟

Abstract:

Aiming at the characteristics of large data volume and high dimensions in the current industrial control system, a grey wolf optimization integrated random black hole (RBHGWO) algorithm incorporating a random black hole (RBH) strategy is proposed. When the wolf group updates the position of the next generation grey wolf, the proposed algorithm simulates the attraction of black holes, so that the individual in the wolf group can move faster towards the current global optimal solution, and enhances the convergence speed of the proposed algorithm. Meanwhile, individuals are randomly attracted by black holes, which maintain the local search ability of the proposed algorithm. Compared with particle swarm optimization (PSO), random black hole particle swarm optimization (RBHPSO), GWO algorithm and survival of fitness grey wolf optimization (SFGWO) algorithm using test functions, the experimental results show that the RBHGWO algorithm has fast convergence speed and excellent convergence accuracy. Moreover, based on the data set of Tennessee-Eastman (TE) simulation platform, the situation of industrial control systems is simulated by attacking from the covert intrusion. The experimental results show that the RBHGWO algorithm has obvious advantages in convergence accuracy, iteration speed and stability in the feature selection of intrusion detection of industrial control systems.

Key words: industrial control system, intrusion detection, feature selection, algorithm, optimization, simulation

中图分类号: 

  • TP 29

图1

随机黑洞模型"

表1

测试函数参数表"

函数名称变量定义域维数最优值
f1Sphere[-100,100]300
f2Schwefel’Problem 2.2.2[-10,10]300
f3Quadratic[-1.28,1.28]300
f4Rastrigin[-5.12,5.12]300
f5Ackley[-32,32]300
f6Griewank[-600,600]300

表2

算法参数表"

函数参数
PSOc1= 2;c2=2;ω=0.9
RBHPSOc1= 2;c2= 2;ω= 0.9;p =0.1;R = 0.01
GWONone
SFGWOBound=0.618
RBHGWOp =0.1;R =0.01

图2

优化函数迭代结果"

表3

实验结果平均值"

算法f1f2f3f4f5f6
PSO0.823132.32320.5684129.22112.08421.476
RBHPSO0.179031.20653.2471×10-355.8963.06951.5907×10-2
GWO3.7862×10-223.6166×10-151.9252×10-33.11752.3667×10-131.9669×10-3
SFGWO1.3674×10-271.4859×10-181.2350×10-32.10135.9153×10-14×10-11
RBHGWO1.2212×10-482.4761×10-298.3071×10-402.2678×10-140

表4

实验结果标准差"

算法f1f2f3f4f5f6
PSO1.15060.782672.452067.8347.03503.8529
RBHPSO5.7589×10-22.73471.8095×10-311.4290.644471.3769×10-2
GWO3.5463×10-223.9915×10-151.1116×10-32.15046.6311×10-145.2292×10-3
SFGWO1.7031×10-271.1864×10-185.9602×10-43.17388.1122×10-153.6160×10-11
RBHGWO2.7222×10-482.8038×10-297.7627×10-405.2557×10-150

图3

TE过程工艺流程图"

图4

反应器温度变化的过程"

表5

KNN分类器的实验结果"

算法最优适应度值最差适应度值平均适应度值标准差

运行

时间/s

PSO0.7009010.5838100.6594070.0348611059.4
RBHPSO0.7507270.6191670.6811320.0279431171.6
GWO0.7588890.6773680.7390110.019231727.4
SFGWO0.7664810.7281480.7433000.011645813.7
RBHGWO0.7748150.7548150.7641300.006621692.1

表6

NBC分类器的实验结果"

算法最优适应度值最差适应度值平均适应度值标准差

运行

时间/s

PSO0.7275930.5443550.6584350.051886144.1
RBHPSO0.7223640.6076920.6811420.038472173.5
GWO0.7577780.7012730.7416430.015378122.1
SFGWO0.7674070.7383330.7529550.009589167.4
RBHGWO0.7859260.7672220.7764550.006770121.4

表7

DT分类器的实验结果"

算法最优适应度值最差适应度值平均适应度值标准差

运行

时间/s

PSO0.6928070.5832000.6390450.030142286.5
RBHPSO0.7776580.6305080.6930650.047811256.8
GWO0.8014810.7391070.7834420.017398214.9
SFGWO0.8066670.7685190.7886830.012241372.6
RBHGWO0.8477780.8205560.8304860.010125221.9
1 Serpanos D.Secure and resilient industrial control systems [J].IEEE Design & Test,2018,35(1):90-94.
2 Paridari K,Mahony,Mady A E,et al.A framework for at-tack-resilient industrial control systems: attack detection and controller reconfiguration [J].Proceedings of the IEEE,2018,106(1):113-128.
3 Geng Z Q,Chen N,Han Y,et al.An improved intelligent early warning method based on MWSPCA and its application in complex chemical processes [J].The Canadian Journal of Chemical Engineering,2019,doi.org/0.1002/cjce.23674.
4 Geng Z Q,Liu F F,Han Y M,et al.Fault diagnosis of chemical processes based on a novel adaptive kernel principal component analysis[C]//12th Asian Control Conference.Fukuoka,2019:1495-1500
5 Chung M Y,Ahn W,Min B G,et al.An analytical method for developing appropriate protection profiles of Instrumentation & Control System for nuclear power plants [J].Journal of Supercomputing,2018,74(3):1378-1393.
6 Wu M T,Song Z Y,Moon Y B.Detecting cyber-physical attacks in cyber manufacturing systems with machine learning methods [J].Journal of Intelligent Manufacturing,2019,30(3):1-13.
7 Yılmaz E N,Gönen S.Attack detection/prevention system against cyber-attack in industrial control systems [J].Computers & Security,2018,77:94-105.
8 Li J,Zha Y.CMA: a reconfigurable complex matching accelerator for wire-speed network intrusion detection [J].IEEE Computer Architecture Letters,2018,17(1):33-36.
9 Kasongo S M,Sun Y X.A deep learning method with filter based feature engineering for wireless intrusion detection system [J].IEEE Access,2019,7:38597-38607.
10 Wang N,Du X H,Wang W J.Building a cloud IDS using an efficient feature selection method and SVM [J].IEEE Access,2019,7:1345-1354.
11 Acharya N,Singh S.An IWD-based feature selection method for intrusion detection system [J].Soft Computing,2018,22(13):4407-4416.
12 Zhou T,Lu H L,Wang W W,et al.GA-SVM based feature selection and parameter optimization in hospitalization expense modeling [J].Applied Soft Computing,2019,75:323-332.
13 Tao P Y,Sun Z,Sun Z X.An improved intrusion detection algorithm based on GA and SVM [J].IEEE Access,2018,6:1.
14 Kushwaha N,Pant M.Link based BPSO for feature selection in big data text clustering [J].Future Generation Computer Systems,2018,82:190-199.
15 Kashef S,Nezamabadi-pour H.An advanced ACO algorithm for feature subset selection [J].Neurocomputing,2015,147:271-279.
16 Zawbaa,Hossam M,Emary E,et al.Feature selection approach based on moth-flame optimization algorithm [C]//2016 IEEE Congress on Evolutionary Computation,2015:4612-4617
17 Milan T,Nebojsa B.Improved seeker optimization algorithm hybridized with firefly algorithm for constrained optimization problems [J].Neurocomputing,2014,143:197-207.
18 Mirjalili S,Lewis A.Grey wolf optimizer [J].Advances in Engineering Software,2014,69(3):46-61.
19 Zhou Z Y,Zhang R X,Wang Y M,et al.Color difference classification based on optimization support vector machine of improved grey wolf algorithm [J].Optik,2018,170:17-29.
20 Li S Y,Wang S M,Wang P F,et al.An improved grey wolf optimizer algorithm for the inversion of geoelectrical data [J].Acta Geophysica,2018,66(4):607-621.
21 Wu T B,Gui W H,Yang C H,et al.Improved grey wolf optimization algorithm with logarithm function describing convergence factor and its application [J].Journal of Central South University (Science and Technology),2018,49(4):857-864.
22 Zhang J Q,Liu K,Tan Y,et al.Random black hole particle swarm optimization and its application [C]//2008 International Conference on Neural Net-Works and Signal Processing,2007,1/2:359-365.
23 Ji Z W,Hu M,Yin J X.A survey of feature selection algorithm [J].Electronic Design Engineering,2011,9:46-51.
24 Chen B S,Cheng Y M,Lee C H.A genetic approach to mixed H2/H optimal PID control [J].IEEE Control Systems,1995,15(5):51-60.
25 Downs J J,Vogel E F.A plant-wide industrial process control problem [J].Computers and Chemical Engineering,1993,17(3):245-255.
26 Ricker N L.Tennessee Eastman challenge archive [EB/OL]. [2017-05-31]. http: //depts.washington.edu/control/LARRY/TE/download.html.
27 Ricker N L.Decentralized control of the Tennessee Eastman challenge process [J].Journal of Process Control,1996,6(4):205-221.
28 Lv X F,Xie Y B.An anomaly detection method for industrial control systemsvia state transition graph [J].Acta Automatica Sinica,2018,44(9):1662-1671.
29 Peterson L.K-nearest neighbor [J].Scholarpedia,2009,4(2):1883.
30 Langley P,Thompson K.An analysis of Bayesian classifiers [C]//Proceedings of the 10th National Conference on Artificial Intelligence,San Jose, CA,1992:223-228.
31 Breiman L,Friedman J,Olshen R.Classification and Regression Trees [M].California:Wadsworth Belement,1984.
[1] 李文秀, 张羽, 曹颖, 丁忠瀚, 赵思雨, 张弢. 离子液体用于四氢呋喃-乙醇-水三元共沸物系分离的研究[J]. 化工学报, 2020, 71(4): 1676-1682.
[2] 周星宇, 曾凡桂, 相建华, 邓小鹏, 相兴华. 马脊梁镜煤有机质大分子模型构建及分子模拟[J]. 化工学报, 2020, 71(4): 1802-1811.
[3] 谭畯坤, 刘玉东, 耿世超, 陈兵, 童明伟. 真空探针冷冻和复温性能实验测试及数值模拟[J]. 化工学报, 2020, 71(4): 1440-1449.
[4] 陈胡炜, 吉华, 冯东林, 李倩, 陈志. 基于多楔现象的微孔端面机械密封泄漏率分析及孔形设计[J]. 化工学报, 2020, 71(4): 1723-1733.
[5] 程华农, 邱娜娜, 岳金彩, 郑世清. 采用响应面法降低湿法氧化脱硫中Na2S2O3生成量[J]. 化工学报, 2020, 71(4): 1762-1771.
[6] 田瑞超, 王淑彦, 邵宝力, 李好婷, 王玉琳. 基于粗糙颗粒动理学流化床内颗粒与幂律流体两相流动特性的数值模拟研究[J]. 化工学报, 2020, 71(4): 1528-1539.
[7] 宋祺, 杨智, 陈颖, 罗向龙, 陈健勇, 梁颖宗. 局部几何构型对聚焦流微通道内液滴生成特性的影响[J]. 化工学报, 2020, 71(4): 1540-1553.
[8] 杨永安, 李瑞申, 李坤, 孙天慧. 采用R410A单一工质的复叠式空气源热泵[J]. 化工学报, 2020, 71(4): 1812-1821.
[9] 王金红, 陈志, 刘凡, 李建明. 密封环支撑边界条件对机械密封端面变形的影响[J]. 化工学报, 2020, 71(4): 1744-1753.
[10] 贾艳萍, 张真, 佟泽为, 王嵬, 张兰河. 铁碳微电解处理印染废水的效能及机理研究[J]. 化工学报, 2020, 71(4): 1791-1801.
[11] 陈汇龙, 桂铠, 韩婷, 谢晓凤, 陆俊成, 赵斌娟. 上游泵送机械密封润滑膜固体颗粒沉积特性研究[J]. 化工学报, 2020, 71(4): 1712-1722.
[12] 车健, 江锦波, 李纪云, 彭旭东, 马艺, 王玉明. 节流孔出气模式对静压干气密封稳态性能影响[J]. 化工学报, 2020, 71(4): 1734-1743.
[13] 王少雄, 李玉星, 刘翠伟, 梁杰, 李安琪, 薛源. 水下输气管道泄漏扩散特性模拟研究[J]. 化工学报, 2020, 71(4): 1898-1911.
[14] 罗小燕, 戴聪聪, 程铁栋, 蔡改贫, 刘鑫, 刘吉顺. 基于改进EWT-多尺度熵和KELM的球磨机负荷识别方法[J]. 化工学报, 2020, 71(3): 1264-1277.
[15] 杜宇浩, 阎高伟, 李荣, 王芳. 基于局部线性嵌入的测地线流式核多工况软测量建模方法[J]. 化工学报, 2020, 71(3): 1278-1287.
Viewed
Full text


Abstract

Cited

  Shared   
  Discussed   
[1] 罗明检, 胡冰, 姜涛, 夏淑倩, 马沛生. Analysis and Comparison of the Alpha Functions of SRK Equation of State[J]. CIESC Journal, 2008, 16(5): 766 -771 .
[2] 谢卫国,李洲. 溶剂萃取法分离提取衣康酸 [J]. CIESC Journal, 2001, 52(1): 46 -49 .
[3] 刘永民,刘铮,袁乃驹. 多管环流反应器的流动和传质特性 [J]. CIESC Journal, 2001, 52(3): 222 -226 .
[4] 朱炳辰,宋维端,房鼎业,吕待清. 多孔催化剂效率因子的多组分扩散模型 (Ⅱ)B109中温变换催化剂的效率因子 [J]. CIESC Journal, 1984, 35(1): 41 -50 .
[5] . 化学工业出版社新书预告 《化工工艺算图》 [J]. CIESC Journal, 1985, 36(4): 505 .
[6] 姚海元;宫敬.

水平管内油水两相流流型转换特性

[J]. CIESC Journal, 2005, 56(9): 1649 -1653 .
[7] 赵德明, 史惠祥, 汪大翚. 复频超声波氧化降解苯酚废水 [J]. 化工学报, 2003, 54(4): 570 -574 .
[8] 邵之江, 李翔, 钱积新. 化工过程系统优化中的一种混合求导算法 [J]. 化工学报, 2003, 54(10): 1397 -1402 .
[9] 马丽景;林茂;闫涛;李英霞;黄小葳;陈霭璠;宋永吉.

纳米γ-Fe2O3复合氧化物的制备与气敏性质

[J]. CIESC Journal, 2004, 55(2): 264 -267 .
[10] 岳秀伟,张卫江,徐 娇,赵毅青. 污泥微生物蛋白发泡剂的改性 [J]. CIESC Journal, 2011, 30(6): 1316 .