Multi-level adaptive coupled method for industrial control networks safety based on machine learning

• Published in: Safety science Vol. 120; pp. 268 - 275
• Main Authors: Chen, Wanzhi, Liu, Tianjiao, Tang, Yu, Xu, Dongsheng
• Format: Journal Article
• Language: English
• Published: Amsterdam Elsevier Ltd 01.12.2019; Elsevier BV
• Subjects: Adaptive algorithms; Adaptive control; Algorithms; Anomalies; Artificial intelligence; Datasets; Industrial control network safety; Intrusion detection; Learning algorithms; Machine learning; Multi-level adaptive coupled; Principal components analysis; Safety; White list filtering; Industrial control network safety; Multi-level adaptive coupled; White list filtering; Intrusion detection; Machine learning
• ISSN: 0925-7535; 1879-1042
• DOI: 10.1016/j.ssci.2019.07.012

•A multi-level adaptive coupled intrusion detection method was proposed.•Detection implemented combining white list filtering with machine learning algorithm.•Made up for the deficiency and blindness of traditional single detection algorithm. In response to the problem of low detection rate on different types of attacks in industrial control networks safety by traditional single detection algorithm models, a multi-level adaptive coupled method combining white list technology and machine learning was proposed. The white list was used to filter the communication behaviors that could not match with the rules at first level, then machine learning model were used to anomaly detect the abnormal communication behaviors at second level. Firstly, In the process of machine learning, the original dataset was preprocessed by Principal Component Analysis (PCA). Then the off-line data training was carried out by adaptive coupled algorithm, and the classifier model was constructed secondly. Finally, on-line anomaly detection was realized. The experimental results show that the proposed method was improved the detection rate than other algorithm significantly.