ALOC: Attack-Aware by Utilizing the Adversarially Learned One-Class Classifier for SCADA System
Published: 2024-04-05
Journal: IEEE Internet of Things Journal
Impact factor: 10.6
Abstract: As the volume of network attacks on Supervisory Control and Data Acquisition (SCADA) systems increases, existing supervised methods that over-rely on a priori knowledge can hardly cope with increasingly stealthy and legitimate unknown protocol attacks for heterogeneous industrial scenarios. In this paper, we present an anomaly-based deep learning attack-aware method called ALOC, which consists of the dual Frequency Domain Transform (FDT) and implicit Generative Adversarial Networks (GANs). The former reduces the cost of hand-designed features and normalizes raw traffic bytes as the input under different protocol types. With the assistance of a Deep Auto-Encoder (DAE) with 1D Convolutional Neural Networks (1D-CNNs), the latter can automatically build a behavioral baseline based on the multi-scale distribution of transformed raw bytes. Potential SCADA anomalies or intrusions can thus be effectively detected, which enables field operators to avoid security risks in a timely manner. Essentially, the trained model conveniently determines the anomaly boundaries by augmenting the representation capabilities of raw session information in high-dimensional space. In response, adversarial training with different loss functions is introduced to strongly constrain the reconstruction of anomalous samples, which in turn improves the detection performance and analyzes anomaly attributes. The experimental results show that the proposed approach is more effective and generalized than existing state-of-the-art baselines.
Keywords: SCADA systems, 1D-CNNs, GANs, Frequency Domain Transform, Attack-Aware, Anomaly Detection