Netinfo Security (信息网络安全) ›› 2014, Vol. 14 ›› Issue (9): 86-91. doi: 10.3969/j.issn.1671-1122.2014.09.019

• Selected Papers •

Discussion about the Industrial Control Network Intrusion Prevention Technology based on On-line Ensemble Learning

TANG Jian, SUN Chun-lai, LI Dong

  1. Beijing Graphics Research Institute, Beijing 100029, China
  • Received: 2014-08-06 Online: 2014-09-01
  • About the authors: TANG Jian (1974-), male, from Liaoning, engineer, Ph.D.; main research interests: data modeling and integrated automation systems. SUN Chun-lai (1962-), female, from Beijing, senior engineer, M.S.; main research interest: network security. LI Dong (1974-), male, from Jiangsu, engineer, Ph.D.; main research interest: simulation optimization methods.

Abstract: Industrial control network systems are widely used in national infrastructure such as metallurgy, coal, electric power, petrochemicals, nuclear energy, aviation, railways, water treatment, and subways. These systems have many network layers (device layer, control layer, management layer), complex access (wired/wireless, local/remote, long-term/temporary), many device types (intelligent instruments, process control system computers, manufacturing management system computers), and users with widely varying levels of computer skill (workers, hardware engineers, software engineers, office management staff). The current international network security situation shows that how to effectively protect industrial control networks with these characteristics is one of the key concerns in the information security field. This paper first analyzes the current state of information security and intrusion prevention technology for industrial control networks, and points out that developing artificial-intelligence-based intrusion prevention systems capable of on-line adaptive updating is one of the current development trends. It then reviews "on-line ensemble learning", a current research focus in machine learning. Finally, it presents the research problems involved in applying on-line ensemble learning to intrusion prevention systems for industrial control networks.

Key words: industrial control network system, information security, intrusion prevention, ensemble learning, on-line updating