Research On Normal State And Intrusion Detection Of Industrial Control System Based On Cloud Model Algorithm

With the advancement of the plan including Industrial Intelligence and ’Made in China 2025’,Although networking and automation brings convenience to the control system,they also bring hidden dangers like illegal invasion and aggressive behavior.Comparing with protection methods of rule configuration,protection methods of anomaly detection can find different hidden and unknown threats.Meanwhile,these methods have detection delay caused by high algorithm complexity.And the algorithm principle causes simple analysis of attacking behavior and characteristics.This paper proposes a program using Cloud Model to realize the detection of industrial control system intrusion behavior.This method can analyze intrusion with low algorithm complexity,based on ensuring the validity of the data.At the same time,it can analyze attacks in more depth combining with controlling principles and characteristics of industrial control systems.Using Cloud Model to build intrusion detection scheme not only can realize the reproduction of attack waveforms and attack points,but also can provide engineers with more accurate and comprehensive inspection information,just like the changing characteristics of each node and the impact of aggressive behavior.This method theoretically reduces the risk of misjudging interference and errors as attacks.While satisfying high detection efficiency,Cloud Model can maintain a good detection effect.This paper starts from the current research status and challenges,then it s the definition of industrial control system and attack behavior.After that,it introduces the principles of the cloud model,and builds Cloud Image including key variable and timing feature from the changes in cloud image characteristics under several aggressive behaviors.Comparing with Cloud Images under different time windows,we use the change characteristics of the cloud to judge the impact of attack behavior.Finally,according to the evaluation of the Cloud Image change characteristics,,we built the final intrusion detection program with key variable extraction,feature weighting and sliding window sampling.The superiority and feasibility of this method are verified through the horizontal and vertical comparison.