Citation: CAO Ce, XIE Lun, LI Lian-peng, WANG Zhi-liang. Intrusion detection techniques of variable-frequency vector control system[J]. Chinese Journal of Engineering, 2019, 41(8): 1074-1084. DOI: 10.13374/j.issn2095-9389.2019.08.013
Induction motors are the control core of variable-frequency speed-regulating systems, so their efficient operation in industrial production processes needs to be ensured. To that end, the accuracy and security of control commands and equipment parameters have been priorities for industrial security protection research. This study investigates intrusion detection techniques for the AC-DC-AC variable-frequency vector control system for induction motors under the EtherCAT industrial bus. First, the EtherCAT bus protocol is analyzed in depth; combined with the common EtherCAT industrial bus protocol vulnerabilities discovered so far, the key characteristics of the protocol data packets are extracted and an EtherCAT bus protocol intrusion detection rule base is constructed. A three-dimensional pointer linked list tree is used as the retrieval data structure for the EtherCAT bus protocol rule base. Second, model parameters are simulated and calculated based on the physical model of the AC-DC-AC inverter vector control system of the induction motor. Then a least-squares support vector machine (LSSVM) with the characteristics of vector control model intrusion is constructed on the basis of the simulation results, and the parameters of the LSSVM classifier are optimized using the chaotic particle swarm optimization (CPSO) algorithm; together these constitute the CPSO-LSSVM intrusion detection classification algorithm. After the anomalous data packets are classified, they are transferred to the Suricata intrusion detection engine for precise rule matching. Finally, a physical experiment environment is built for the intrusion detection system. The simulation results of the AC-DC-AC variable-frequency vector control model in this paper show good dynamic performance, similar to the trend of waveform changes in the parameters of the actual vector control system. The effectiveness of the intrusion detection system is verified by extracting part of the KDD Cup99 test dataset to implement attack behaviors, such as denial of service (DoS), remote-to-local (R2L), user-to-root (U2R), and Probing attacks, against the intrusion detection system.
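The abstract's first step, extracting key characteristics from EtherCAT data packets for a rule base, can be illustrated with a small frame parser. This is an added example, not code from the paper: the field layout follows the public EtherCAT frame format (EtherType 0x88A4, 2-byte frame header, datagrams with a 10-byte header and trailing working counter), while the choice of extracted fields, the finding names and the sample frame are assumptions made here, and VLAN-tagged frames are not handled.

```python
import struct

ETHERTYPE_ECAT = 0x88A4
# EtherCAT datagram command codes 0..14, indexed by value
CMDS = ("NOP APRD APWR APRW FPRD FPWR FPRW BRD BWR BRW "
        "LRD LWR LRW ARMW FRMW").split()

def parse_ethercat(frame: bytes):
    """Return (datagrams, findings) for one untagged raw Ethernet frame."""
    datagrams, findings = [], []
    if len(frame) < 16 or struct.unpack_from("!H", frame, 12)[0] != ETHERTYPE_ECAT:
        return datagrams, ["not-ethercat"]
    (hdr,) = struct.unpack_from("<H", frame, 14)   # little-endian on the wire
    length, ptype = hdr & 0x07FF, hdr >> 12        # 11-bit length, 4-bit type
    if ptype != 1:                                 # 1 = datagram (command) PDUs
        findings.append(f"unexpected-type:{ptype}")
    body = frame[16:]
    if length > len(body):
        findings.append("declared-length-exceeds-frame")
    body = body[:length]                           # drops Ethernet padding
    off, more = 0, True
    while more:
        if off + 12 > len(body):                   # 10-byte header + 2-byte WKC
            findings.append("truncated-datagram")
            break
        cmd, idx, addr, lenflags, _irq = struct.unpack_from("<BBIHH", body, off)
        dlen, more = lenflags & 0x07FF, bool(lenflags & 0x8000)  # M = more follow
        end = off + 10 + dlen + 2
        if end > len(body):
            findings.append("truncated-datagram")
            break
        (wkc,) = struct.unpack_from("<H", body, end - 2)
        if cmd >= len(CMDS):
            findings.append(f"unknown-command:{cmd}")
        # adp/ado split applies to position/node addressing; logical
        # commands (LRD/LWR/LRW) use the same 4 bytes as one 32-bit address
        datagrams.append({"cmd": CMDS[cmd] if cmd < len(CMDS) else cmd, "idx": idx,
                          "adp": addr & 0xFFFF, "ado": addr >> 16,
                          "len": dlen, "wkc": wkc})
        off = end
    if not findings and off < len(body):
        findings.append("trailing-bytes")
    return datagrams, findings

def build_sample(cmd=7, declared=None):
    """Constructed test frame: one broadcast read (BRD) of register 0x0130."""
    dgram = struct.pack("<BBHHHH", cmd, 1, 0, 0x0130, 2, 0) + b"\x00\x00" + b"\x00\x00"
    hdr = struct.pack("<H", (len(dgram) if declared is None else declared) | 0x1000)
    eth = b"\xff" * 6 + bytes.fromhex("020000000001") + struct.pack("!H", ETHERTYPE_ECAT)
    return (eth + hdr + dgram).ljust(60, b"\x00")  # pad to minimum frame size
```

The per-datagram dictionaries are the kind of feature record a rule base or classifier could consume; the findings list flags frames whose structure is inconsistent before any rule is evaluated.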