Intrusion detection techniques of variable-frequency vector control system

CAO Ce; XIE Lun; LI Lian-peng; WANG Zhi-liang

doi:10.13374/j.issn2095-9389.2019.08.013

Volume 41 Issue 8

Aug. 2019

Turn off MathJax

Article Contents

Article Navigation > Chinese Journal of Engineering > 2019 > 41(8): 1074-1084

CAO Ce, XIE Lun, LI Lian-peng, WANG Zhi-liang. Intrusion detection techniques of variable-frequency vector control system[J]. Chinese Journal of Engineering, 2019, 41(8): 1074-1084. doi: 10.13374/j.issn2095-9389.2019.08.013

Citation:

CAO Ce, XIE Lun, LI Lian-peng, WANG Zhi-liang. Intrusion detection techniques of variable-frequency vector control system[J]. Chinese Journal of Engineering, 2019, 41(8): 1074-1084. doi: 10.13374/j.issn2095-9389.2019.08.013

Citation:

PDF( 1798 KB)

Intrusion detection techniques of variable-frequency vector control system

doi: 10.13374/j.issn2095-9389.2019.08.013

School of Computer and Communication Engineering, University of Science and Technology Beijing, Beijing 100083, China

More Information

Corresponding author: XIE Lun, E-mail: xielun@ustb.edu.cn
Received Date: 2018-11-21
Publish Date: 2019-08-01

Abstract

Abstract

As induction motors are the control core in variable-frequency speed-regulating systems, their efficient operation in industrial production processes needs to be ensured. To realize this, the accuracy and security of control commands and equipment parameters have been the priorities for industrial security protection research. This study aims to investigate the intrusion detection techniques of the AC-DC-AC variable-frequency vector control system for induction motors under EtherCAT industrial bus. First, the EtherCAT bus protocol is deeply analyzed, and combined with the EtherCAT industrial bus common protocol vulnerabilities that have been discovered so far, the key characteristics of the protocol data packets are extracted, and the EtherCAT bus protocol intrusion detection rule base is constructed. A three-dimensional pointer linked list tree is used as the retrieval data structure for the EtherCAT bus protocol rule base. Second, model parameters are simulated and calculated based on the physical model of the AC-DC-AC inverter vector control system of the induction motor. Then a least-squares support vector machine (LSSVM) with the characteristics of vector control model intrusion is constructed on the basis of the simulation results, and the parameters of LSSVM classifier are optimized using the chaotic particle swarm optimization (CPSO) algorithm, both of which constitute the CPSO-LSSVM intrusion detection classification algorithm. After the anomaly data packets are classified, they will be transferred to the Suricata intrusion detection engine for precise rule matching. Finally, a physical experiment environment is built for the intrusion detection system. The simulation results of the AC-DC-AC variable-frequency vector control model in this paper show good dynamic performance, which is similar to the trend of waveform change on actual vector control system parameters. The effectiveness of the intrusion detection system is verified by extracting part of the KDD Cup99 test dataset to implement the behaviors of attacks, such as the denial of service (DOS), remote-to-local (R2L), user-to-root (U2R), and Probing attacks on the intrusion detection system.
- variable-frequency speed-regulating system,
- intrusion detection technology,
- EtherCAT bus,
- least-squares support vector machine,
- rule matching

FullText(HTML)

References(22)

References

[1]	Haller P, Genge B. Using sensitivity analysis and cross-association for the design of intrusion detection systems in industrial cyber-physical systems. IEEE Access, 2017, 5: 9336 doi: 10.1109/ACCESS.2017.2703906
[2]	高一為, 周睿康, 賴英旭, 等. 基于仿真建模的工業控制網絡入侵檢測方法研究. 通信學報, 2017, 38(7): 186 https://www.cnki.com.cn/Article/CJFDTOTAL-TXXB201707020.htm Gao Y W, Zhou R K, Lai Y X, et al. Research on industrial control system intrusion detection method based on simulation modelling. J Commun, 2017, 38(7): 186 https://www.cnki.com.cn/Article/CJFDTOTAL-TXXB201707020.htm
[3]	Colbert E, Sullivan D, Hutchinson A, et al. A process-oriented intrusion detection method for industrial control systems//11th International Conference on Cyber Warfare and Security. Boston, 2016: 497 http://ieeexplore.ieee.org/document/7479259/
[4]	邵誠, 鐘梁高. 一種基于可信計算的工業控制系統信息安全解決方案. 信息與控制, 2015, 44(5): 628 https://www.cnki.com.cn/Article/CJFDTOTAL-XXYK201505019.htm Shao C, Zhong L G. An information security solution scheme of industrial control system based on trusted computing. Inf Control, 2015, 44(5): 628 https://www.cnki.com.cn/Article/CJFDTOTAL-XXYK201505019.htm
[5]	孫易安, 井柯, 汪義舟. 工業控制系統安全網絡防護研究. 信息安全研究, 2017, 3(2): 171 https://www.cnki.com.cn/Article/CJFDTOTAL-XAQY201702011.htm Sun Y A, Jing K, Wang Y Z. A network security protection research for industrial control system. J Inf Securyity Res, 2017, 3(2): 171 https://www.cnki.com.cn/Article/CJFDTOTAL-XAQY201702011.htm
[6]	Genge B, Haller P, Kiss I. Cyber-security-aware network design of industrial control systems. IEEE Syst J, 2017, 11(3): 1373 doi: 10.1109/JSYST.2015.2462715
[7]	Knowles W, Prince D, Hutchison D, et al. A survey of cyber security management in industrial control systems. Int J Crit Infrastruct Prot, 2015, 9: 52 doi: 10.1016/j.ijcip.2015.02.002
[8]	Chen X, Li D, Wan J F, et al. A clock synchronization method for EtherCAT master. Microprocessors Microsyst, 2016, 46: 211 doi: 10.1016/j.micpro.2016.03.002
[9]	Al-khatib A A, Hassan R. Impact of IPSec protocol on the performance of network real-time applications: a review. Int J Network Security, 2017, 19(11): 800 http://www.researchgate.net/publication/318419235_Impact_of_IPSec_protocol_on_the_performance_of_network_Real-Time_Applications_A_Review
[10]	Panten N, Hoffmann N, Fuchs F W. Finite control set model predictive current control for grid-connected voltage-source converters with LCL filters: A study based on different state feedbacks. IEEE Trans Power Electron, 2016, 31(7): 5189 doi: 10.1109/TPEL.2015.2478862
[11]	Villarroel F, Espinoza J R, Rojas C A, et al. Multiobjective switching state selector for finite-states model predictive control based on fuzzy decision making in a matrix converter. IEEE Trans Ind Electron, 2013, 60(2): 589 doi: 10.1109/TIE.2012.2206343
[12]	宋站威, 周睿康, 賴英旭, 等. 基于行為模型的工控異常檢測方法研究. 計算機科學, 2018, 45(1): 233 https://www.cnki.com.cn/Article/CJFDTOTAL-JSJA201801044.htm Song Z W, Zhou R K, Lai Y X, et al. Anomaly detection method of ICS based on behavior model. Comput Sci, 2018, 45(1): 233 https://www.cnki.com.cn/Article/CJFDTOTAL-JSJA201801044.htm
[13]	Ambusaidi M A, He X J, Nanda P, et al. Building an intrusion detection system using a filter-based feature selection algorithm. IEEE Trans Comput, 2016, 65(10): 2986 doi: 10.1109/TC.2016.2519914
[14]	段其昌, 周華鑫, 曾勇, 等. 帶擴展記憶的粒子群優化最小二乘支持向量機在中長期電力負荷預測中的應用. 計算機科學, 2013, 40(6A): 41 https://www.cnki.com.cn/Article/CJFDTOTAL-JSJA2013S1008.htm Duan Q C, Zhou H X, Zeng Y, et al. Application of PSOEM-LSSVM in medium and long term power load forecasting. Comput Sci, 2013, 40(6A): 41 https://www.cnki.com.cn/Article/CJFDTOTAL-JSJA2013S1008.htm
[15]	喬宗良, 張蕾, 周建新, 等. 一種改進的CPSO-LSSVM軟測量模型及其應用. 儀器儀表學報, 2014, 35(1): 234 https://www.cnki.com.cn/Article/CJFDTOTAL-YQXB201401032.htm Qiao Z L, Zhang L, Zhou J X, et al. Soft sensor modeling method based on improved CPSO-LSSVM and its applications. Chin J Sci Instrum, 2014, 35(1): 234 https://www.cnki.com.cn/Article/CJFDTOTAL-YQXB201401032.htm
[16]	黃為勇, 高玉芹, 張艷華. 一種采用改進CPSO算法的PID參數整定方法. 計算機科學, 2014, 41(11): 278 doi: 10.11896/j.issn.1002-137X.2014.11.054 Huang W Y, Gao Y Q, Zhang Y H. Tuning PID parameters using modified CPSO algorithm. Comput Sci, 2014, 41(11): 278 doi: 10.11896/j.issn.1002-137X.2014.11.054
[17]	劉明珍. 基于CPSO-LSSVM的網絡入侵檢測. 計算機工程, 2013, 39(11): 131 doi: 10.3969/j.issn.1000-3428.2013.11.029 Liu M Z. Network intrusion detection based on CPSO-LSSVM. Comput Eng, 2013, 39(11): 131 doi: 10.3969/j.issn.1000-3428.2013.11.029
[18]	Zhou C J, Huang S, Xiong N X, et al. Design and analysis of multimodel-based anomaly intrusion detection systems in industrial process automation. IEEE Trans Syst Man Cybernetics Syst, 2015, 45(10): 1345 doi: 10.1109/TSMC.2015.2415763
[19]	陸遙, 余翔湛. 基于并行隊列的眾核平臺入侵檢測系統. 智能計算機與應用, 2017, 7(5): 82 doi: 10.3969/j.issn.2095-2163.2017.05.022 Lu Y, Yu X Z. Intrusion detection technology of many-core platform based on parallel queue. Intell Comput Appl, 2017, 7(5): 82 doi: 10.3969/j.issn.2095-2163.2017.05.022
[20]	Wu Z J, Zhang L Y, Yue M. Low-rate DoS attacks detection based on network multifractal. IEEE Trans Dependable Secure Comput, 2016, 13(5): 559 doi: 10.1109/TDSC.2015.2443807
[21]	Ntalampiras S. Detection of integrity attacks in cyber-physical critical infrastructures using ensemble modeling. IEEE Trans Ind Informatics, 2015, 11(1): 104 doi: 10.1109/TII.2014.2367322
[22]	孫蘭蘭, 宋雯斐. CPSO和LSSVM融合的網絡入侵檢測. 計算機工程與應用, 2013, 49(9): 90 doi: 10.3778/j.issn.1002-8331.1111-0585 Sun L L, Song W F. Network intrusion detection by combination of CPSO and LSSVM. Comput Eng Appl, 2013, 49(9): 90 doi: 10.3778/j.issn.1002-8331.1111-0585