Research Of Intrusion Detection System About False Data Injection Attack On Process Control Systems

Process control systems is an important field of modern industrial automation,the introduction of modern network technology such as Internet,maks PCSs with physical isolation lost the "natural barrier" which resists attacks,meanwhile,the lack of protection of data integrity and confidentiality causes that information security incidents of process control system occur frequently.False data injection attack is a new attack on process control system in recent years,and it is one of the main means of hacking attack at present,to some extent,the threat level is higher than other types of attacks,and the general defense measures is invalid for this kind of attacks.Therefore,research of detection system of false data injection attack on process control system has great significance.In this paper,we design an intrusion detection system based on multivariate statistical method,which is used to detect the FDI attack aimed at process control system.First,this paper analyzes the current situation of research on information security of PCSs and establishes the FDI attack model which takes the Tennessee Eastman process as object.Secondly,the FDI model is applied to TE process control system to verify the effectiveness of the attack model.The intrusion detection system based on principal component analysis algorithm are designed to monitor PCSs data,the position of attack source is located by the method of contribution polt.PC A is a data-driven algorithm and it is applied for process monitoring,its advantage is that it can be completely independent of system model.In order to improve the accuracy of data detection and the response speed,an intrusion detection system based on kernel principal component analysis algorithm is proposed.Finally,due to the situation that wavelet analysis can describe the nonstationary of signal well and extract effective information from the signal,for the sake of reducing the false positive and false negative rate of IDS,denoising is conducted on signal according wavelet analysis previously,then IDS based on KPCA algorithm monitor system data in real time to guarantee safe operation of PCSs.