机构地区:[1]中国航空油料集团有限公司,北京100088 [2]民航智慧能源工程技术研究中心,北京100088 [3]北京石油化工学院信息工程学院,北京102617 [4]中国电子科技集团公司第三十研究所,成都610041
出 处:《信息安全研究》2022年第6期570-577,共8页Journal of Information Security Research
基 金:国家自然科学基金面上项目(62173026)。
摘 要:随着人工智能、大数据、物联网等新一代信息技术的飞速发展,工业互联网浪潮席卷全球,工控系统的安全问题越来越突出.传统的工控系统的安全研究主要集中在网络层面的防护,系统被入侵,造成破坏前的数据异常检测能力不足,当前制约该能力的主要因素是缺少包含工控系统业务异常数据的数据集.研究了基于油料储运工控系统业务的半实物仿真系统,针对系统底层业务数据进行攻击,从而得到负例样本,与正常数据形成一套油料储运工控系统业务安全数据集(下文简称油料储运数据集).将油料储运数据集与密西西比数据集、新加坡水厂数据集进行比较,并对3个数据集进行了迁移学习实验.实验结果表明:油料储运数据集比其他两个数据集包含的攻击种类多,且负样本占比最高;油料储运数据集迁移到新加坡水厂数据集的正确率比从新加坡水厂数据集迁移到油料储运数据集的正确率更高,说明油料储运数据集的攻击设计更全面;同样的迁移学习算法用于新加坡水厂数据集与密西西比数据集的迁移正确率虽然高于油料储运数据集与密西西比的迁移,但从工控系统的工艺流程分析,这两个数据集没有相似之处,存在过学习现象;油料储运数据集与密西西比数据集之间的迁移学习的正确率较低,这两个数据集基于完全不同的工控过程,符合客观规律.With the rapid development of a new generation of information technology such as artificial intelligence, big data, and the Internet of Things, the wave of industrial Internet has swept the world, and the security problems of industrial control systems have become more and more prominent. In particular, in the industrial control system in the field of oil storage and transportation, the focus of solving safety problems lies in business safety. At present, the main factor restricting the anomaly detection algorithm at the service level is the lack of data sets of business anomaly data of the industrial control system. In this paper, a semi-physical simulation system based on a real oil storage and transportation industrial control system business is studied, and the system is attacked against the underlying business, so that a negative sample is obtained, and together with the normal data, a business security data set of the oil storage and transportation industrial control system(hereinafter referred to as the oil storage and transportation data set) is formed. The oil storage and transportation dataset was compared with the Mississippi dataset and the Singapore Water Plant dataset, and the transfer learning experiment was carried out using the above three datasets. The comparison results showed that the oil storage and transportation dataset contained more types of attacks than the other two datasets, and negative samples accounted for the highest proportion of the three datasets. The results of the transfer learning experiment show that the accuracy rate obtained by transferring the dataset of this paper to the dataset of the Singapore water plant dataset is higher than that of transferring from the Singapore water plant dataset to this dataset. Maybe because the attacks of the data set of this paper are relatively comprehensive and more attack samples are “seen” when transferring to the Singapore water plant dataset, a better accuracy rate is obtained;The same transfer learning algorithm has a high transfe
关 键 词:油料储运 工控系统安全 半实物仿真系统 工控系统安全数据集 迁移学习数据集
分 类 号:TP309.2[自动化与计算机技术—计算机系统结构]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
