A Intrusion Detection Method Based on Imbalanced Power Communication Traffic

doi:10.3969/j.issn.1006-2475.2025.08.007

Abstract

Abstract: Abstract: With the proliferation of the Internet， cybersecurity issues have become increasingly prominent. Ensuring network security is crucial within electric power communication networks. However， one challenge faced by these networks is the disparity in the volume between normal and abnormal traffic， as well as the uneven distribution among different types of abnormal traffic. To address this issue， this paper proposes an intrusion detection method for imbalanced electric power communication traffic， named GSMOTE-EAVA. GSMOTE-EAVA firstly utilizes Recursive Feature Elimination for data preprocessing and feature selection by calculating the importance of features to identify the most critical ones. Secondly， to tackle the challenge of data imbalance， a Gaussian noise-based SMOTE algorithm is employed to augment the communication traffic data， thus enhancing the neural network model’s ability to learn and adapt to various situations. Finally， an ensemble adaptive voting algorithm based on classifiers like decision trees， random forests， KNN， and DNN is designed to implement intrusion detection in electric power communication network traffic. Through experiments on the IEC 60870-5-104 intrusion detection dataset and CICIDS2017 dataset， the proposed model significantly improves the detection rate of small sample categories in the dataset under four classifications， and can effectively identify and deal with abnormal traffic in the power communication network.

Key words: Key words: network security, machine learning, recursive feature elimination, intrusion detection, deep neural network

CLC Number:

中图分类号：TN99

XIE Shanyi1, 2, WANG Zhongao1, 2, ZHAN Congcong1, 2, LI Xingwang1, 2, XIA Haoran3. A Intrusion Detection Method Based on Imbalanced Power Communication Traffic [J]. Computer and Modernization, 2025, 0(08): 48-56.

References

［1］赵海龙，李海. 电力系统网络安全思考［J］. 农村电气化， 2022（11）:90-91.
［2］黄欣，赵敏彤，郇嘉嘉，等. 基于BWO-DBSCAN和CSA-OCRKELM的变电站数据流异常检测方法［J］. 广东电力， 2023，36（5）:39-48.
［3］朱佳佳，陈佳. 基于熵和SVM多分类器的异常流量检测方法［J］. 计算机技术与发展， 2016，26（3）:31-35.
［4］李道全，杨乾乾，鲁晓夫. 基于决策树的SDN网络入侵分类检测模型［J］. 计算机工程与设计， 2022，43（8）:2146-2152.
［5］ DOUZAS G， BACAO F. Effective data generation for imbalanced learning using conditional generative adversarial networks［J］. Expert Systems with Application， 2018，91:464-471.
［6］ MOHD N， SINGH A， BHADAURIA H S. Intrusion detection system based on hybrid hierarchical classifiers［J］. Wireless Personal Communications， 2021，121（1）:659-686.
［7］ LI N， ZHANG Y， HE F X， et al. Review of lithium-ion battery state of charge estimation［J］. Global Energy Interconnection， 2021，4（6）:619-630.
［8］ DHANYA K A， VAJIPAYAJULA S， SRINIVASAN K， et al. Detection of network attacks using machine learning and deep learning models［J］. Procedia Computer Science， 2023，218（3）:57-66.
［9］ AHMAD R，ALSMADI I，ALHAMDANI W， et al. A deep learning ensemble approach to detecting unknown network attacks［J］. Journal of Information Security and Applications，2022，67. DOI: 10.1016/j.jisa.2022.103196.
［10］ DEBAR H， BECKER M， SIBONI D. A neural network component for an intrusion detection system［C］// Proceedings 1992 IEEE Computer Society Symposium on Research in Security and Privacy. IEEE， 1992:240-250.
［11］谢金鑫，王怀彬. 基于卷积神经网络模型的网络入侵检测研究［J］. 天津理工大学学报， 2022，38（3）:32-36.
［12］ NGUYEN M T， KIM K. Genetic convolutional neural network for intrusion detection systems［J］. Future Generation Computer Systems， 2020，113:418-427.
［13］刘丹，姚立霜，王云锋，等. 面向类不平衡流量数据的分类模型［J］. 计算机应用， 2020，40（8）:2327-2333.
［14］张阳，张涛，陈锦，等. 基于SMOTE和机器学习的网络入侵检测［J］. 北京理工大学学报， 2019，39（12）:1258-1262.
［15］高莹莹，孙璇. 面向不平衡数据集的入侵检测算法［J］. 北京信息科技大学学报（自然科学版）， 2022，37（2）:81-86.
［16］黄秋丽，黄柱兴，杨燕. 基于递归特征消除和Stacking集成学习的股票预测实证研究［J］. 南宁师范大学学报（自然科学版）， 2021，38（3）:37-43.
［17］罗慧，刘梅招，周钰山，等. 基于长短期记忆网络的智能用电数据甄别方法［J］. 广东电力， 2019，32（2）:47-56.
［18］董宁，程晓荣. 基于深度学习的入侵检测系统［J］. 网络安全技术与应用， 2020（10）:30-32.
［19］马彩莎，焦立男，柳有权，等. 基于扩张卷积融合时序特征异常行为检测［J］. 计算机与现代化， 2024（2）:75-80.
［20］潘裕庆，张苏宁，冯仁君，等. 结合粒子群优化和LightGBM的入侵检测方法［J］. 计算机与现代化， 2023（4）:123-126.
［21］梁晶亮，黄军胜，白树军，等. 基于蚁群算法的电力数据网络APT攻击预警模型［J］. 计算机与现代化， 2019（1）:95-100.
［22］刘金硕，詹岱依，邓娟，等. 基于深度神经网络和联邦学习的网络入侵检测［J］. 计算机工程， 2023，49（1）:15-21.
［23］饶海兵，朱苏磊，杨春夏. 基于空时特征融合和注意力机制的网络入侵检测模型［J］. 计算机与现代化， 2022（6）:116-121.
［24］秦鸣乐，年梅，张俊. 基于深度生成对抗网络的恶意TLS流量识别［J］. 计算机与现代化， 2022（4）:121-126.
［25］张晓航，李政，朱晓明，等. 基于RBF神经网络的可信加密流量分类方法［J］. 计算机与现代化， 2022（2）:45-51.
［26］ SONG C， PENG H Z， XU L， et al. Probabilistic evaluation of cultural soil heritage hazards in China from extremely imbalanced site investigation data using SMOTE-Gaussian process classification［J］. Journal of Cultural Heritage， 2024，67:121-133.
［27］ LE T T H， KIM J， KIM H. An effective intrusion detection classifier using long short-term memory with gradient descent optimization［C］// 2017 International Conference on Platform Technology and Service （PlatCon）. IEEE， 2017. DOI: 10.1109/PlatCon.2017.7883684.

[1]	DENG Chao1, 2, YANG Fengkun1, 2, LI Jun3, CHEN Liangliang1, 2, GUO Zhichong4. Complex Fault Diagnosis Method of Charging Facilities Based on Bi-LSTM Residual Network [J]. Computer and Modernization, 2025, 0(07): 90-96.
[2]	LAI Zhiyong, WANG Tinghua, ZHANG Xin. Feature Weighted Support Vector Machine Based on HSIC Lasso [J]. Computer and Modernization, 2025, 0(07): 119-126.
[3]	XUE Wenxue, XIE Yingde. Privacy-preservation Models for Identifying Financial Fraud in Enterprises [J]. Computer and Modernization, 2025, 0(06): 16-20.
[4]	ZHANG Jun, JIANG Lin. Distributed System Fault Prediction Method Based on XGBoost & LightGBM [J]. Computer and Modernization, 2025, 0(05): 60-65.
[5]	ZHANG Yue, GUO Zixin, HUANG Yibin, YAN Tao. Network Intrusion Detection Method Based on Convolutional Neural Networks with convLSTM [J]. Computer and Modernization, 2025, 0(03): 119-126.
[6]	XU Shengchao, CHEN Fuqiang. A Food Safety Risk Warning Method Based on BP Neural Network [J]. Computer and Modernization, 2025, 0(01): 20-24.
[7]	WANG Mengxi, LI Jun. Review of Fall Detection Technologies for Elderly [J]. Computer and Modernization, 2024, 0(08): 30-36.
[8]	JIA Xiao-yao, . Breast Cancer Prediction and Feature Analysis Model Based on CatBoost and SHAP [J]. Computer and Modernization, 2023, 0(10): 32-38.
[9]	PAN Yu-qing, ZHANG Su-ning, FENG Ren-jun, JING Dong-sheng. Intrusion Detection Method Based on Particle Swarm Optimization Combined with LightGBM [J]. Computer and Modernization, 2023, 0(04): 123-126.
[10]	ZHANG Yun, BAI Kai-feng, WANG Xing, CANG Tian, ZHOU Tong, DUAN Jin-wen, SU Han. Review of Electricity Theft Detection in Smart Grid Environment [J]. Computer and Modernization, 2023, 0(03): 60-65.
[11]	SHI Zhi-wei, WU Zhi-feng, ZHANG Zhe. Stock Volatility Prediction of LightGBM-GRU Model under Corrective Learning Strategy [J]. Computer and Modernization, 2023, 0(01): 95-102.
[12]	GUAN Yun-peng, LIU Yu-long. Categorical Data Clustering Based on Extraction of Associations from Co-association Matrix [J]. Computer and Modernization, 2022, 0(11): 1-8.
[13]	RAO Hai-bing, ZHU Su-lei, YANG Chun-xia. Network Intrusion Detection Model Based on Space-time Feature Fusion and Attention Mechanism [J]. Computer and Modernization, 2022, 0(06): 116-121.
[14]	WU Shui-ming, JI Zhi-yuan, WANG Zhen-yu, JING Dong-sheng. Power Information Network Intrusion Detection Algorithm Based on Dueling-DDQN [J]. Computer and Modernization, 2021, 0(12): 43-47.
[15]	LENG Tao , . A Survey of Encrypted Traffic Classification Based on Deep Learning [J]. Computer and Modernization, 2021, 0(08): 112-120.