| 摘 要: 随着工业控制系统(ICS)不断发展,关键基础设施的网络安全,尤其是ICS中的数据采集与监视控制系统(SCADA)正在面临着巨大的风险。提出了一种融合多种深度学习模块的方法,用于解决当前ICS样本不平衡和召回率低的问题。使用 WGAN进行数据增强,提出了一种基于BiLSTM 和多头注意力机制用于对多分类的入侵检测任务,通过混淆矩阵、准确率、召回率等评估模型性能,准确率和召回率达到了95.61%和92.08%。通过消融实验,验证了所提出的每个模块的重要性。 |
| 关键词: 入侵检测 WGAN BiLSTM 网络安全 |
|
中图分类号:
文献标识码: A
|
|
| Research on SCADA Intrusion Detection Integrating WGAN,Multi-head Attention Mechanism and BiLSTM |
|
QI Zhenyan1,2, ZHU Xiaodong1, YU Guiqi3
|
(1.Business School, University of Shanghai for Science & Technology, Shanghai 200093, China;
2.The Third Research Institute of the Ministry of Public Security, Shanghai 200031, China;
3.Cyber Security Protection Division, Shanghai Public Security Bureau, Shanghai 201799, China)
qizy@mctc.org.cn; zhuxd@usst.edu.cn; yuguiqi@163.com
|
| Abstract: With the continuous development of industrial control systems (ICS), cybersecurity for critical infrastructure—particularly the Supervisory Control and Data Acquisition ( SCADA) systems within ICS—faces significant risks. This paper proposes a method integrating multiple deep learning modules to address current challenges of imbalanced ICS samples and low recall rates. First, WGAN is employed for data augmentation. Subsequently, a novel framework combining BiLSTM and mult-i head attention mechanisms is introduced for mult-i class intrusion detection tasks. Model performance is evaluated using confusion matrices, accuracy, recall rate, and other metrics,achieving 95.61% accuracy and 92.08% recall. Ablation studies further validate the critical contribution of each proposed module. |
| Keywords: intrusion detection WGAN BiLSTM cybersecurity |
