Research And Application Of Intrusion Detection Algorithm In Industrial Control System

With the further development of the "integration of Informatization and Industrialization",traditional industrial control systems and advanced network information technology are integrated with each other,which promotes the improvement of production efficiency and the strengthening of cross-regional cooperation.However,due to the characteristics of the open environment of the Internet and the vulnerability of the industrial control system itself,large-scale industrial accidents in the field of industrial control have frequently occurred since the beginning of the new century,which has caused great harm to politics,the economy,the environment,and people's lives.Therefore,research on intrusion detection algorithms in the field of industrial control is imminent.Traditional intrusion detection algorithms are mostly machine learning methods.In the face of large-volume,high-dimensional industrial control data with redundant variables,the detection results are often unsatisfactory,so deep learning models are introduced as a new method for intrusion detection.However,the parameter setting of the deep learning model will affect the efficiency of the calculation during the specific intrusion detection process.Therefore,a long and short-term memory neural network based on the grey wolf optimization algorithm based on the random black hole strategy is proposed.The model improves the efficiency of model detection through parameter optimization.And a transfer entropy analysis algorithm integrating the kernel principal component analysis algorithm is proposed to realize the detection and attack path analysis of unknown pattern intrusion attacks.The main research contents of this paper are as follows:1.Aiming at the problem of low detection efficiency caused by inconsistent parameter setting standards for deep learning models and the low convergence efficiency of the intelligent population optimization algorithm during iteration,a grey wolf optimization algorithm based on random black hole strategy was proposed.By modifying the formula for updating the position of the grey wolf population and redirecting the update orientation,the iterative efficiency of the grey wolf optimization algorithm is improved,and the parameter optimization effect is improved.2.Aiming at the problem that traditional machine learning has a low classification effect when facing industrial control data with large volume,high dimensions and redundant variables,an intrusion detection model based on deep learning model is proposed.The long and short-term memory neural network model is used as a basic classifier to detect intrusion attacks,and the grey wolf optimization algorithm based on random black hole strategy is integrated as a parameter optimization method in the training process to obtain an efficient intrusion detection model.Through the excellent classification ability of the deep learning model and the excellent parameter optimization ability of the grey wolf optimization algorithm based on random black hole strategy,an efficient identification of intrusion attacks is achieved.3.Aiming at the problem that the intrusion attacks of unknown modes cause harm to the production process and it is difficult to trace and analyze,a transfer entropy analysis algorithm integrating the kernel principal component analysis algorithm is proposed.Through the detection algorithm based on the kernel principal component analysis algorithm,the intrusion attack of unknown mode is detected.When the model alarms,further calculating the transmission entropy of the data to obtain the transmission relationship between the variables to determine the propagation of the intrusion attack path to assist the corresponding personnel in accurately responding to the damage caused by intrusion attacks.