Cargando…
Deep Learning Anomaly Classification Using Multi-Attention Residual Blocks for Industrial Control Systems
This paper proposes a novel method monitoring network packets to classify anomalies in industrial control systems (ICSs). The proposed method combines different mechanisms. It is flow-based as it obtains new features through aggregating packets of the same flow. It then builds a deep neural network...
| Autores principales: | , |
|---|---|
| Formato: | Online Artículo Texto |
| Lenguaje: | English |
| Publicado: |
MDPI
2022
|
| Materias: | |
| Acceso en línea: | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9737659/ https://www.ncbi.nlm.nih.gov/pubmed/36501784 http://dx.doi.org/10.3390/s22239084 |
| _version_ | 1784847345801756672 |
|---|---|
| author | Jiang, Jehn-Ruey Lin, Yan-Ting |
| author_facet | Jiang, Jehn-Ruey Lin, Yan-Ting |
| author_sort | Jiang, Jehn-Ruey |
| collection | PubMed |
| description | This paper proposes a novel method monitoring network packets to classify anomalies in industrial control systems (ICSs). The proposed method combines different mechanisms. It is flow-based as it obtains new features through aggregating packets of the same flow. It then builds a deep neural network (DNN) with multi-attention blocks for spotting core features, and with residual blocks for avoiding the gradient vanishing problem. The DNN is trained with the Ranger (RAdam + Lookahead) optimizer to prevent the training from being stuck in local minima, and with the focal loss to address the data imbalance problem. The Electra Modbus dataset is used to evaluate the performance impacts of different mechanisms on the proposed method. The proposed method is compared with related methods in terms of the precision, recall, and F1-score to show its superiority. |
| format | Online Article Text |
| id | pubmed-9737659 |
| institution | National Center for Biotechnology Information |
| language | English |
| publishDate | 2022 |
| publisher | MDPI |
| record_format | MEDLINE/PubMed |
| spelling | pubmed-97376592022-12-11 Deep Learning Anomaly Classification Using Multi-Attention Residual Blocks for Industrial Control Systems Jiang, Jehn-Ruey Lin, Yan-Ting Sensors (Basel) Article This paper proposes a novel method monitoring network packets to classify anomalies in industrial control systems (ICSs). The proposed method combines different mechanisms. It is flow-based as it obtains new features through aggregating packets of the same flow. It then builds a deep neural network (DNN) with multi-attention blocks for spotting core features, and with residual blocks for avoiding the gradient vanishing problem. The DNN is trained with the Ranger (RAdam + Lookahead) optimizer to prevent the training from being stuck in local minima, and with the focal loss to address the data imbalance problem. The Electra Modbus dataset is used to evaluate the performance impacts of different mechanisms on the proposed method. The proposed method is compared with related methods in terms of the precision, recall, and F1-score to show its superiority. MDPI 2022-11-23 /pmc/articles/PMC9737659/ /pubmed/36501784 http://dx.doi.org/10.3390/s22239084 Text en © 2022 by the authors. https://creativecommons.org/licenses/by/4.0/Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/). |
| spellingShingle | Article Jiang, Jehn-Ruey Lin, Yan-Ting Deep Learning Anomaly Classification Using Multi-Attention Residual Blocks for Industrial Control Systems |
| title | Deep Learning Anomaly Classification Using Multi-Attention Residual Blocks for Industrial Control Systems |
| title_full | Deep Learning Anomaly Classification Using Multi-Attention Residual Blocks for Industrial Control Systems |
| title_fullStr | Deep Learning Anomaly Classification Using Multi-Attention Residual Blocks for Industrial Control Systems |
| title_full_unstemmed | Deep Learning Anomaly Classification Using Multi-Attention Residual Blocks for Industrial Control Systems |
| title_short | Deep Learning Anomaly Classification Using Multi-Attention Residual Blocks for Industrial Control Systems |
| title_sort | deep learning anomaly classification using multi-attention residual blocks for industrial control systems |
| topic | Article |
| url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9737659/ https://www.ncbi.nlm.nih.gov/pubmed/36501784 http://dx.doi.org/10.3390/s22239084 |
| work_keys_str_mv | AT jiangjehnruey deeplearninganomalyclassificationusingmultiattentionresidualblocksforindustrialcontrolsystems AT linyanting deeplearninganomalyclassificationusingmultiattentionresidualblocksforindustrialcontrolsystems |