Author:
Zhang Dinghua, Hu Yibo, Cao Guoyan, Liu Yong, Shi Yuanbing, Huang Minghao, Pan Quan
Abstract
Autonomous security situation awareness for industrial network communication has been a critical subject in industrial network security analysis. In this paper, a CNN-based feature mining method for network communication dataflow is proposed to perform intrusion detection on industrial networks and extract security situation awareness. Specifically, a normalization technique that unifies different sorts of network dataflow features was designed for dataflow feature fusion in the proposed feature mining method. The proposed methods were used to detect the security situation of traditional IT networks and industrial control networks. Experimental results showed that the proposed feature analysis method had good transferability across the two kinds of network data, and that the accuracy rate of network anomaly detection was ideal and had higher stability.
Cited by
5 articles.