Research On Intrusion Detection Technology Based On Deep Learning For Power Industrial System

The power industrial control system is an industrial control system technology applied to the power system,also known as the smart grid.There is a huge scale of network traffic in the smart grid,so the use of machine learning-based intrusion detection systems does not work well.In recent years,the intrusion detection technology based on deep learning has also been greatly developed and can be used in power industrial control networks.In view of this,an ensemble learning method is proposed,which uses the idea of stacked generalization.First,a method of creating time series samples is proposed.The sliding window method is used to stack the original data in the window into time series data,so that the structure of the input data is reasonable and the detection accuracy is improved.Next,the long short-term memory network algorithm and the convolutional neural network algorithm are modeled and tuned.Finally,a meta-learner is selected in logistics regression,random forest algorithm and gradient boosting decision tree algorithm,which plays a role in correcting the deviation of each primary learner in the stacked generalization idea,and then uses the k-fold cross-validation algorithm to train the meta-learner to avoid overfitting occurs.After the modeling was completed,the performance of the method was tested on the standard smart grid control system intrusion detection data set,and the performance of the method was tested with the support vector machine algorithm,the random forest algorithm,the single long and short-term memory network algorithm,and the single convolutional neural network algorithm.The result of the comparative experiment is that the proposed ensemble algorithm achieves a higher accuracy rate in both the binary classification and the multi-class classification,but the macro recall rate in the multi-class classification is lower than the higher one in the primary learner.Due to the limitation of the computing resources of the experimental platform,the training time of the proposed integrated algorithm is longer,but if the computing resources are increased to achieve the effect of parallel training,the training time can be shortened.It can be seen from the analysis results of the multi-classification that the proposed integrated algorithm has a poor detection effect on malicious status code injection attacks,but it is still better than other comparison algorithms.It has a particularly good detection effect on denial of service attacks and malicious function code injection attacks.The rate is close to 100%,and the reason is analyzed at the end.