Intrusion detection of industrial control system based on grey wolf optimization integrated random black hole

doi:10.11949/0438-1157.20191495

Abstract

Abstract:

Aiming at the characteristics of large data volume and high dimensions in the current industrial control system, a grey wolf optimization integrated random black hole (RBHGWO) algorithm incorporating a random black hole (RBH) strategy is proposed. When the wolf group updates the position of the next generation grey wolf, the proposed algorithm simulates the attraction of black holes, so that the individual in the wolf group can move faster towards the current global optimal solution, and enhances the convergence speed of the proposed algorithm. Meanwhile, individuals are randomly attracted by black holes, which maintain the local search ability of the proposed algorithm. Compared with particle swarm optimization (PSO), random black hole particle swarm optimization (RBHPSO), GWO algorithm and survival of fitness grey wolf optimization (SFGWO) algorithm using test functions, the experimental results show that the RBHGWO algorithm has fast convergence speed and excellent convergence accuracy. Moreover, based on the data set of Tennessee-Eastman (TE) simulation platform, the situation of industrial control systems is simulated by attacking from the covert intrusion. The experimental results show that the RBHGWO algorithm has obvious advantages in convergence accuracy, iteration speed and stability in the feature selection of intrusion detection of industrial control systems.

Key words: industrial control system, intrusion detection, feature selection, algorithm, optimization, simulation

摘要：

针对当前工控系统中数据体量大、维度高的特点，提出了一种融合随机黑洞(random black hole, RBH)策略的灰狼优化(grey wolf optimization integrated random black hole, RBHGWO)算法。该方法在更新下一代灰狼位置时，模拟黑洞的吸引方式，让狼群中的个体能够更快地向着当前全局最优解移动，增强了算法的收敛速度；同时个体以随机策略被黑洞吸引，保持了算法的局部搜索能力。通过优化算法测试函数验证，RBHGWO算法与粒子群优化(particle swarm optimization, PSO)算法、随机黑洞粒子群优化(particle swarm optimization integrated random black hole, RBHPSO)算法、GWO算法和优胜劣汰的灰狼优化(survival of fitness grey wolf optimization, SFGWO)算法进行了实验对比。结果表明，RBHGWO算法具有较快的收敛速度和较好的寻优精度。同时以田纳西-伊斯曼(Tennessee-Eastman, TE)数据集为基础进行仿真实验，结果表明该算法应用于在工控系统入侵检测的特征选择中，其收敛精度、迭代速度以及稳定性都有明显优势。

关键词: 工业控制系统, 入侵检测, 特征选择, 算法, 优化, 模拟

CLC Number:

TP 29

Zhiqiang GENG, Rongfu ZENG, Yuan XU, Yongming HAN, Xiangbai GU. Intrusion detection of industrial control system based on grey wolf optimization integrated random black hole[J]. CIESC Journal, 2020, 71(3): 1080-1087.

耿志强, 曾荣甫, 徐圆, 韩永明, 顾祥柏. 融合灰狼优化算法在工控系统入侵检测中的应用[J]. 化工学报, 2020, 71(3): 1080-1087.

Figures/Tables 11

Fig.1 Random black hole model

Table 1 Test function parameter table

函数	名称	变量定义域	维数
f₁	Sphere	[-100,100]	30
f₂	Schwefel’Problem 2.2.2	[-10,10]	30
f₃	Quadratic	[-1.28,1.28]	30
f₄	Rastrigin	[-5.12,5.12]	30
f₅	Ackley	[-32,32]	30
f₆	Griewank	[-600,600]	30

Table 2 Algorithm parameter table

函数	参数
PSO	$c 1$ = 2; $c 2$ =2; $ω$ =0.9
RBHPSO	$c 1$ = 2; $c 2$ = 2; $ω$ = 0.9;p =0.1;R = 0.01
GWO	None
SFGWO	Bound=0.618
RBHGWO	p =0.1;R =0.01

Table 2 Algorithm parameter table

函数	参数
PSO	$c 1$ = 2; $c 2$ =2; $ω$ =0.9
RBHPSO	$c 1$ = 2; $c 2$ = 2; $ω$ = 0.9;p =0.1;R = 0.01
GWO	None
SFGWO	Bound=0.618
RBHGWO	p =0.1;R =0.01

Fig.2 Iterative results of optimization algorithm

Table 3 Average of experimental results

算法	f₁	f₂	f₃	f₄	f₅	f₆
PSO	0.82313	2.3232	0.56841	29.221	12.084	21.476
RBHPSO	0.17903	1.2065	3.2471×10^-3	55.896	3.0695	1.5907×10^-2
GWO	3.7862×10^-22	3.6166×10^-15	1.9252×10^-3	3.1175	2.3667×10^-13	1.9669×10^-3
SFGWO	1.3674×10^-27	1.4859×10^-18	1.2350×10^-3	2.1013	5.9153×10^-14	×10^-11
RBHGWO	1.2212×10^-48	2.4761×10^-29	8.3071×10^-4	0	2.2678×10^-14	0

Table 4 Standard deviation of experimental results

算法	f₁	f₂	f₃	f₄	f₅	f₆
PSO	1.1506	0.78267	2.4520	67.834	7.0350	3.8529
RBHPSO	5.7589×10^-2	2.7347	1.8095×10^-3	11.429	0.64447	1.3769×10^-2
GWO	3.5463×10^-22	3.9915×10^-15	1.1116×10^-3	2.1504	6.6311×10^-14	5.2292×10^-3
SFGWO	1.7031×10^-27	1.1864×10^-18	5.9602×10^-4	3.1738	8.1122×10^-15	3.6160×10^-11
RBHGWO	2.7222×10^-48	2.8038×10^-29	7.7627×10^-4	0	5.2557×10^-15	0

Fig.3 TE process flow chart

Fig.4 Process of reactor temperature change

Table 5 Experimental results of KNN classifier

算法	最优适应度值	最差适应度值	平均适应度值	标准差	运行时间/s
PSO	0.700901	0.583810	0.659407	0.034861	1059.4
RBHPSO	0.750727	0.619167	0.681132	0.027943	1171.6
GWO	0.758889	0.677368	0.739011	0.019231	727.4
SFGWO	0.766481	0.728148	0.743300	0.011645	813.7
RBHGWO	0.774815	0.754815	0.764130	0.006621	692.1

Table 6 Experimental results of NBC classifier

算法	最优适应度值	最差适应度值	平均适应度值	标准差	运行时间/s
PSO	0.727593	0.544355	0.658435	0.051886	144.1
RBHPSO	0.722364	0.607692	0.681142	0.038472	173.5
GWO	0.757778	0.701273	0.741643	0.015378	122.1
SFGWO	0.767407	0.738333	0.752955	0.009589	167.4
RBHGWO	0.785926	0.767222	0.776455	0.006770	121.4

Table 7 Experimental results of DT classifier

算法	最优适应度值	最差适应度值	平均适应度值	标准差	运行时间/s
PSO	0.692807	0.583200	0.639045	0.030142	286.5
RBHPSO	0.777658	0.630508	0.693065	0.047811	256.8
GWO	0.801481	0.739107	0.783442	0.017398	214.9
SFGWO	0.806667	0.768519	0.788683	0.012241	372.6
RBHGWO	0.847778	0.820556	0.830486	0.010125	221.9

References 31

1	Serpanos D.Secure and resilient industrial control systems [J].IEEE Design & Test,2018,35(1):90-94.
2	Paridari K,Mahony,Mady A E,et al.A framework for at-tack-resilient industrial control systems: attack detection and controller reconfiguration [J].Proceedings of the IEEE,2018,106(1):113-128.
3	Geng Z Q,Chen N,Han Y,et al.An improved intelligent early warning method based on MWSPCA and its application in complex chemical processes [J].The Canadian Journal of Chemical Engineering，2019，doi.org/0.1002/cjce.23674.
4	Geng Z Q,Liu F F,Han Y M,et al.Fault diagnosis of chemical processes based on a novel adaptive kernel principal component analysis[C]//12th Asian Control Conference.Fukuoka,2019:1495-1500
5	Chung M Y,Ahn W,Min B G,et al.An analytical method for developing appropriate protection profiles of Instrumentation & Control System for nuclear power plants [J].Journal of Supercomputing,2018,74(3):1378-1393.
6	Wu M T,Song Z Y,Moon Y B.Detecting cyber-physical attacks in cyber manufacturing systems with machine learning methods [J].Journal of Intelligent Manufacturing,2019,30(3):1-13.
7	Yılmaz E N,Gönen S.Attack detection/prevention system against cyber-attack in industrial control systems [J].Computers & Security,2018,77:94-105.
8	Li J,Zha Y.CMA: a reconfigurable complex matching accelerator for wire-speed network intrusion detection [J].IEEE Computer Architecture Letters,2018,17(1):33-36.
9	Kasongo S M,Sun Y X.A deep learning method with filter based feature engineering for wireless intrusion detection system [J].IEEE Access,2019,7:38597-38607.
10	Wang N,Du X H,Wang W J.Building a cloud IDS using an efficient feature selection method and SVM [J].IEEE Access,2019,7:1345-1354.
11	Acharya N,Singh S.An IWD-based feature selection method for intrusion detection system [J].Soft Computing,2018,22(13):4407-4416.
12	Zhou T,Lu H L,Wang W W,et al.GA-SVM based feature selection and parameter optimization in hospitalization expense modeling [J].Applied Soft Computing,2019,75:323-332.
13	Tao P Y,Sun Z,Sun Z X.An improved intrusion detection algorithm based on GA and SVM [J].IEEE Access,2018,6:1.
14	Kushwaha N,Pant M.Link based BPSO for feature selection in big data text clustering [J].Future Generation Computer Systems,2018,82:190-199.
15	Kashef S,Nezamabadi-pour H.An advanced ACO algorithm for feature subset selection [J].Neurocomputing,2015,147:271-279.
16	Zawbaa,Hossam M,Emary E,et al.Feature selection approach based on moth-flame optimization algorithm [C]//2016 IEEE Congress on Evolutionary Computation,2015：4612-4617
17	Milan T,Nebojsa B.Improved seeker optimization algorithm hybridized with firefly algorithm for constrained optimization problems [J].Neurocomputing,2014,143:197-207.
18	Mirjalili S,Lewis A.Grey wolf optimizer [J].Advances in Engineering Software,2014,69(3):46-61.
19	Zhou Z Y,Zhang R X,Wang Y M,et al.Color difference classification based on optimization support vector machine of improved grey wolf algorithm [J].Optik,2018,170:17-29.
20	Li S Y,Wang S M,Wang P F,et al.An improved grey wolf optimizer algorithm for the inversion of geoelectrical data [J].Acta Geophysica,2018,66(4):607-621.
21	Wu T B,Gui W H,Yang C H,et al.Improved grey wolf optimization algorithm with logarithm function describing convergence factor and its application [J].Journal of Central South University (Science and Technology),2018,49(4):857-864.
22	Zhang J Q,Liu K,Tan Y,et al.Random black hole particle swarm optimization and its application [C]//2008 International Conference on Neural Net-Works and Signal Processing,2007,1/2:359-365.
23	Ji Z W,Hu M,Yin J X.A survey of feature selection algorithm [J].Electronic Design Engineering,2011,9:46-51.
24	Chen B S,Cheng Y M,Lee C H.A genetic approach to mixed H₂/H_∞ optimal PID control [J].IEEE Control Systems,1995,15(5):51-60.
25	Downs J J,Vogel E F.A plant-wide industrial process control problem [J].Computers and Chemical Engineering,1993,17(3):245-255.
26	Ricker N L.Tennessee Eastman challenge archive [EB/OL]. [2017-05-31]. http: //depts.washington.edu/control/LARRY/TE/download.html.
27	Ricker N L.Decentralized control of the Tennessee Eastman challenge process [J].Journal of Process Control,1996,6(4):205-221.
28	Lv X F,Xie Y B.An anomaly detection method for industrial control systemsvia state transition graph [J].Acta Automatica Sinica,2018,44(9):1662-1671.
29	Peterson L.K-nearest neighbor [J].Scholarpedia,2009,4(2):1883.
30	Langley P,Thompson K.An analysis of Bayesian classifiers [C]//Proceedings of the 10th National Conference on Artificial Intelligence,San Jose, CA,1992:223-228.
31	Breiman L,Friedman J,Olshen R.Classification and Regression Trees [M].California:Wadsworth Belement,1984.

[1]	Zhanyu YE, He SHAN, Zhenyuan XU. Performance simulation of paper folding-like evaporator for solar evaporation systems [J]. CIESC Journal, 2023, 74(S1): 132-140.
[2]	Long ZHANG, Mengjie SONG, Keke SHAO, Xuan ZHANG, Jun SHEN, Runmiao GAO, Zekang ZHEN, Zhengyong JIANG. Simulation study on frosting at windward fin end of heat exchanger [J]. CIESC Journal, 2023, 74(S1): 179-182.
[3]	Yifei ZHANG, Fangchen LIU, Shuangxing ZHANG, Wenjing DU. Performance analysis of printed circuit heat exchanger for supercritical carbon dioxide [J]. CIESC Journal, 2023, 74(S1): 183-190.
[4]	Zhiguo WANG, Meng XUE, Yushuang DONG, Tianzhen ZHANG, Xiaokai QIN, Qiang HAN. Numerical simulation and analysis of geothermal rock mass heat flow coupling based on fracture roughness characterization method [J]. CIESC Journal, 2023, 74(S1): 223-234.
[5]	Xin YANG, Wen WANG, Kai XU, Fanhua MA. Simulation analysis of temperature characteristics of the high-pressure hydrogen refueling process [J]. CIESC Journal, 2023, 74(S1): 280-286.
[6]	Jiahao SONG, Wen WANG. Study on coupling operation characteristics of Stirling engine and high temperature heat pipe [J]. CIESC Journal, 2023, 74(S1): 287-294.
[7]	Siyu ZHANG, Yonggao YIN, Pengqi JIA, Wei YE. Study on seasonal thermal energy storage characteristics of double U-shaped buried pipe group [J]. CIESC Journal, 2023, 74(S1): 295-301.
[8]	Congqi HUANG, Yimei WU, Jianye CHEN, Shuangquan SHAO. Simulation study of thermal management system of alkaline water electrolysis device for hydrogen production [J]. CIESC Journal, 2023, 74(S1): 320-328.
[9]	Song HE, Qiaomai LIU, Guangshuo XIE, Simin WANG, Juan XIAO. Two-phase flow simulation and surrogate-assisted optimization of gas film drag reduction in high-concentration coal-water slurry pipeline [J]. CIESC Journal, 2023, 74(9): 3766-3774.
[10]	Yuanchao LIU, Bin GUAN, Jianbin ZHONG, Yifan XU, Xuhao JIANG, Duan LI. Investigation of thermoelectric transport properties of single-layer XSe₂(X=Zr/Hf) [J]. CIESC Journal, 2023, 74(9): 3968-3978.
[11]	Zhewen CHEN, Junjie WEI, Yuming ZHANG. System integration and energy conversion mechanism of the power technology with integrated supercritical water gasification of coal and SOFC [J]. CIESC Journal, 2023, 74(9): 3888-3902.
[12]	Minghao SONG, Fei ZHAO, Shuqing LIU, Guoxuan LI, Sheng YANG, Zhigang LEI. Multi-scale simulation and study of volatile phenols removal from simulated oil by ionic liquids [J]. CIESC Journal, 2023, 74(9): 3654-3664.
[13]	Yue CAO, Chong YU, Zhi LI, Minglei YANG. Industrial data driven transition state detection with multi-mode switching of a hydrocracking unit [J]. CIESC Journal, 2023, 74(9): 3841-3854.
[14]	Jianbo HU, Hongchao LIU, Qi HU, Meiying HUANG, Xianyu SONG, Shuangliang ZHAO. Molecular dynamics simulation insight into translocation behavior of organic cage across the cellular membrane [J]. CIESC Journal, 2023, 74(9): 3756-3765.
[15]	Jiajia ZHAO, Shixiang TIAN, Peng LI, Honggao XIE. Microscopic mechanism of SiO₂-H₂O nanofluids to enhance the wettability of coal dust [J]. CIESC Journal, 2023, 74(9): 3931-3945.