基于深度Q网络的电力工控网络异常检测系统

doi:10.3969/j.issn.1006-2475.2019.12.021

计算机与现代化

基于深度Q网络的电力工控网络异常检测系统

(华北电力大学，北京102206)

收稿日期:2019-04-30 出版日期:2019-12-11 发布日期:2019-12-11
作者简介:王竹晓(1981-)，男，四川自贡人，讲师，博士，研究方向：自治愈技术，智能电网Cyber-Physical系统安全，E-mail: wzx@ncepu.edu.cn; 张彭彭(1994-)，男，河南商丘人，硕士研究生，研究方向：网络信息安全，E-mail: 1069789277@qq.com; 李为(1967-)，女，教授，硕士，研究方向：智能电网软件技术，电力信息安全; 吴克河(1962-)，男，教授，博士，研究方向：智能电网软件技术，电力信息安全; 崔文超(1983-)，男，讲师，博士，研究方向：信息安全和电力信息化; 程瑞(1989-)，男，博士研究生，研究方向：信息安全和电力信息化。
基金资助:
国家电网公司科技项目(521304190004)

Electric Power Industrial Control Network Anomaly Detection #br# System Based on Deep Q Network

(North China Electric Power University, Beijing 102206, China)

Received:2019-04-30 Online:2019-12-11 Published:2019-12-11

摘要/Abstract

摘要： 电力是指以电能作为动力的能源，完整的电力系统包括发电、输电、变电、配电和用电等环节。电力是关系国计民生的基础产业，电力供应和安全事关国家安全战略，事关经济社会发展全局。工业自动化和控制系统（简称“工控”）作为电力的感官和中枢神经系统，确保其网络安全，使其始终处于稳定可靠运行状态，对于保障电力安全运营至关重要。由于大部分网络都是高度互联的，因此都易受到网络攻击的威胁。虽然基于网络的入侵检测系统可以将入侵警告和安全响应进行很好的结合，但是随着技术的不断发展，攻击变得越来越普遍且难以检测，其中逃逸技术就是这类技术的一个代表，它可以通过伪装修改网络数据流以此来逃避入侵检测系统的检测。结合所学知识和电力工控网络的特点，提出一种基于深度强化学习的电力工控网络入侵检测系统，深度强化学习的算法融合神经网络和Q-learning的方法来对网络中的异常现象进行训练，通过训练使系统能及时地检测出入侵行为并发出警告。

关键词: 电力工控网络, 网络入侵, 神经网络, DQN

Abstract: Electricity refers to energy powered by electrical energy. The complete power system includes power generation, transmission, substation, power distribution and power consumption. Electricity is a basic industry that affects the national economy and the people’s livelihood. Power supply and security are related to national security strategies and are related to the overall situation of economic and social development. Industrial automation and control systems (referred to as “industrial control”) as the sensory and central nervous system of electricity, to ensure their network security, so that it is always in a stable and reliable state of operation, is essential to ensure safe operation of electricity. Because most networks are highly interconnected, they are vulnerable to cyber attacks. Although network-based intrusion detection systems can combine intrusion warnings and security responses well, as technology continues to evolve, attacks become more common and difficult to detect, and escape technology is a representative of such technologies. It can evade detection by the intrusion detection system by masquerading the network data stream. Combining with the knowledge and the characteristics of the power industrial control network, a power industrial network intrusion detection system based on deep reinforcement learning is proposed. The deep reinforcement learning algorithm combines the neural network and Q-learning methods into the network. The anomaly is trained to enable the system to detect intrusions and issue warnings in a timely manner.

Key words: electric power industrial control network, network intrusion, neural network, DQN

中图分类号:

TP393

王竹晓，张彭彭，李为，吴克河，崔文超，程瑞. 基于深度Q网络的电力工控网络异常检测系统[J]. 计算机与现代化, doi: 10.3969/j.issn.1006-2475.2019.12.021.

WANG Zhu-xiao, ZHANG Peng-peng, LI Wei, WU Ke-he, CUI Wen-chao, CHENG Rui. Electric Power Industrial Control Network Anomaly Detection #br# System Based on Deep Q Network[J]. Computer and Modernization, doi: 10.3969/j.issn.1006-2475.2019.12.021.

参考文献

［1］陈星,贾卓生. 工业控制网络的信息安全威胁与脆弱性分析与研究［J］. 计算机科学, 2012,39(z2):188-190.
［2］CANNADY J. Next generation intrusion detection: Autonomous reinforcement learning of network attacks［C］// Proceedings of the 23rd National Information Systems Security Conference. 2000:1-12.
［3］〖KG-*4〗XU X. Sequential anomaly detection based on temporal-difference learning: Principles, models and case studies［J］. Applied Soft Computing, 2010,10(3):859-867.
［4］周志华. 机器学习［M］. 北京:清华大学出版社, 2016:371-373.
［5］〖JP2〗徐志雄,曹雷,陈希亮. 基于强化学习的无人坦克对战仿真研究［J］. 计算机工程与应用, 2018,54(8):166-171.
［6］KOBER J, PETERS J. Reinforcement learning in robotics: A survey［M］// Learning Motor Skills. Springer, 2014:9-67.
［7］高阳,周如益,王皓,等. 平均奖赏强化学习算法研究［J］. 计算机学报, 2007,30(8):1372-1378.
［8］〖KG-*4〗KOBER J, BAGNELL J A, PETERS J. Reinforcement learning in robotics: A survey［J］. International Journal of Robotics Research, 2013,32(11):1238-1274.
［9］高阳,陈世福,陆鑫. 强化学习研究综述［J］. 自动化学报, 2004,30(1):86-100.
［10］WATKINS C, DAYAN P. Q-learning［J］. Machine Learning, 1992,8(3):279-292.
［11］RUMMERY G, NIRANJAN M. On-line Q-learning Using Connectionist Systems［R］. Department of Engineering, University of Cambridge, 1994.
［12］GULLAPALLI V. Reinforcement Learning and Its Application to Control［D］. University of Massachusetts, 1992.
［13］MOORE A W. Efficient Memory-based Learning for Robot Control［D］. University of Cambridge, 1990.
［14］MNIH V, KAVUKCUOGLU K, SILVER D, et al. Human-level control through deep reinforcement learning［J］. Nature, 2015,518(7540):529-533.
［15］MNIH V, KAVUKCUOGLU K, SILVER D, et al. Playing Atari with Deep Reinforcement Learning［DB/OL］. (2013-12-19)［2019-04-10］. https://arxiv.org/pdf/1312.5602.pdf.
［16］LECUN Y, BENGIO Y, HINTON G. Deep learning［J］. Nature, 2015,521(7553):436-444.
［17］GOODFELLOW I, BENGIO Y, COURVILLE A. Deep Learning［M］. MIT Press, 2016.
［18］CHANDOLA V, BANERJEE A, KUMAR V. Anomaly detection: A survey［J］. ACM Computing Surveys, 2009,41(3): Article No. 15. DOI: 10.1145/1541880.1541882.
［19］LASKOVP, DUSSEL P, SCHAFER C, et al. Learning intrusion detection: Supervised or unsupervised?［C］// Proceedings of the 13th International Conference on Image Analysis and Processing. 2005:50-57.
［20］王海凤. 工业控制网络的异常检测与防御资源分配研究［D］. 杭州:浙江大学, 2014.
［21］LECUN Y, BOTTOU L, BENGIO Y, et al. Gradient-based learning applied to document recognition［J］. Proceedings of the IEEE, 1998,86(11):2278-2324.

[1]	宋涛涛, 李艳萍, 李洪港, 韩春雪. 基于改进变结构趋近律的机械臂滑模控制系统[J]. 计算机与现代化, 2023, 0(12): 14-18.
[2]	周成诚, 曾庆军, 杨康, 胡家铭, 韩春伟. 基于高效通道注意力模块的运动想象脑电识别[J]. 计算机与现代化, 2023, 0(12): 19-23.
[3]	王宇航, 董宝良, 公超, 尚真真, 姚康宁. 基于意图识别的空中群目标动态威胁评估[J]. 计算机与现代化, 2023, 0(12): 100-104.
[4]	谷明轩, 范冰冰. 基于多模态特征融合的抑郁症识别[J]. 计算机与现代化, 2023, 0(10): 17-22.
[5]	陈俊义. 基于图节点动静态特征的健康事件预测模型[J]. 计算机与现代化, 2023, 0(10): 39-44.
[6]	黎世达, 项剑文. 一种提高图像识别模型鲁棒性的弱化强化方法[J]. 计算机与现代化, 2023, 0(10): 70-76.
[7]	陈子健, 段春红. 面向在线学习情境的认知情绪面部表情识别[J]. 计算机与现代化, 2023, 0(10): 92-98.
[8]	刘付琪, 张达, 宋建华, 王海东. 基于CNN-BiLSTM的液压系统故障诊断[J]. 计算机与现代化, 2023, 0(09): 10-19.
[9]	吴甜, 刘海华, 童顺延. 基于深度反馈的卷积神经网络的图像分类[J]. 计算机与现代化, 2023, 0(09): 82-86.
[10]	毛明扬, 徐胜超. 面向粒子群优化BP神经网络的粗糙集连续属性离散化算法[J]. 计算机与现代化, 2023, 0(09): 115-119.
[11]	孙子雨, 任燃, 魏曦哲. 基于DTW-TCN的股票分类及预测研究[J]. 计算机与现代化, 2023, 0(08): 31-37.
[12]	曾丽丽, 汤华贝, 牛艺晓, 孟凡月. 基于LSTM堆叠残差网络的岩相识别方法[J]. 计算机与现代化, 2023, 0(08): 38-43.
[13]	江蕾, 唐建, 杨超越, 吕婷婷. 基于CWGAN-GP与CNN的轴承故障诊断方法[J]. 计算机与现代化, 2023, 0(07): 1-6.
[14]	崔少国, 张岗, 王奥迪. 基于感知注意力的深度交叉网络推荐模型[J]. 计算机与现代化, 2023, 0(07): 54-60.
[15]	许叶彤, 耿信哲, 赵伟强, 张月, 宁海龙, 雷涛. 基于CNN-Transformer混合结构的遥感影像变化检测模型[J]. 计算机与现代化, 2023, 0(07): 79-85.

基于深度Q网络的电力工控网络异常检测系统

Electric Power Industrial Control Network Anomaly Detection #br# System Based on Deep Q Network

PDF (PC)

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 15

编辑推荐

Metrics

本文评价