Research on Abnormal Traffic Detection in Industrial Control Network Based on CVAE-CatBoost
For the detection of abnormal traffic in Industrial Control Network(ICN),a new abnormal traffic detection model based on Conditional Variational Autoencoder(CVAE) and the Categorical Features Gradient Boosting(CatBoost) algorithm is proposed to address the problems of unbalanced data distribution an...
Uložené v:
| Vydané v: | Ji suan ji gong cheng Ročník 49; číslo 5; s. 173 - 180 |
|---|---|
| Hlavný autor: | |
| Médium: | Journal Article |
| Jazyk: | Chinese English |
| Vydavateľské údaje: |
Editorial Office of Computer Engineering
01.05.2023
|
| Predmet: | |
| ISSN: | 1000-3428 |
| On-line prístup: | Získať plný text |
| Tagy: |
Pridať tag
Žiadne tagy, Buďte prvý, kto otaguje tento záznam!
|
| Abstract | For the detection of abnormal traffic in Industrial Control Network(ICN),a new abnormal traffic detection model based on Conditional Variational Autoencoder(CVAE) and the Categorical Features Gradient Boosting(CatBoost) algorithm is proposed to address the problems of unbalanced data distribution and low detection rate in existing models.CVAE uses label information as a constraint to control the category of generated samples.The CatBoost algorithm overcomes gradient bias by introducing unbiased estimation,improves prediction accuracy,and reduces risk of overfitting by adopting various tree growth modes.CVAE is used to enhance data,expand rare attack samples,and build balanced datasets with uniform distribution.The CatBoost algorithm is an anomaly traffic detection model which accurately identifies attack samples,such as Dos,Fuzzers,and outputs the classification results.The experimental results show that on the UNSW-NB15 dataset,after data enhancement using CVAE,CatBoost improves the F1 value by 25.16 percentage points on average,whereby the overall precision,recall,and F1 value,reach 87.85%,87.87%,and 87.86%,respectively;on the ZYELL_NCTU NetTraffic_1.0 dataset,after using CVAE to enhance the data,CatBoost improves the F1 value by 16.32% on average,and the overall precision,recall,and F1 value,reach 99.85%.The proposed model can effectively avoid data imbalance problems and has better detection performance and generalization ability than machine learning and deep learning algorithms,such as K-Nearest Neighbor(KNN),Random Forest(RF),and Convolution Neural Network(CNN). |
|---|---|
| AbstractList | For the detection of abnormal traffic in Industrial Control Network(ICN),a new abnormal traffic detection model based on Conditional Variational Autoencoder(CVAE) and the Categorical Features Gradient Boosting(CatBoost) algorithm is proposed to address the problems of unbalanced data distribution and low detection rate in existing models.CVAE uses label information as a constraint to control the category of generated samples.The CatBoost algorithm overcomes gradient bias by introducing unbiased estimation,improves prediction accuracy,and reduces risk of overfitting by adopting various tree growth modes.CVAE is used to enhance data,expand rare attack samples,and build balanced datasets with uniform distribution.The CatBoost algorithm is an anomaly traffic detection model which accurately identifies attack samples,such as Dos,Fuzzers,and outputs the classification results.The experimental results show that on the UNSW-NB15 dataset,after data enhancement using CVAE,CatBoost improves the F1 value by 25.16 percentage points on average,whereby the overall precision,recall,and F1 value,reach 87.85%,87.87%,and 87.86%,respectively;on the ZYELL_NCTU NetTraffic_1.0 dataset,after using CVAE to enhance the data,CatBoost improves the F1 value by 16.32% on average,and the overall precision,recall,and F1 value,reach 99.85%.The proposed model can effectively avoid data imbalance problems and has better detection performance and generalization ability than machine learning and deep learning algorithms,such as K-Nearest Neighbor(KNN),Random Forest(RF),and Convolution Neural Network(CNN). |
| Author | ZHANG Zixuan, ZONG Xuejun, HE Kan, LIAN Lian |
| Author_xml | – sequence: 1 fullname: ZHANG Zixuan, ZONG Xuejun, HE Kan, LIAN Lian organization: 1. School of Information Engineering, Shenyang University of Chemical Technology, Shenyang 110142, China;2. Liaoning Province Petrochemical Industry Key Laboratory of Information Security, Shenyang 110142, China |
| BookMark | eNo9jV1LwzAYRnMxwU39D_UHtKZNmrSXW506GAoyvfGivEneaGbXSBIR_731A68eOAfOsyCz0Y9IyHlJi7IVsrnYFy7GsSgppTnjVVNQKmoumxmZ_7NjsohxTymvKkrn5OkeI0LQL5kfs6UafTjAkO0CWOt0dokJdXKTcmO2Gc17TMFNvvNjCn7IbjF9-PCarSCi-S50j8t13kFaeR_TKTmyMEQ8-9sT8nC13nU3-fbuetMtt7kpmUi5sKgYbWTNmUA0bUlBMKaYUBxtrcoJWsmkrY0SFLXhRkumtaRKWcC2Zidk89s1Hvb9W3AHCJ-9B9f_AB-eewjJ6QF7xlspuKQg24prCaCtBonaTme2akr2BY0TZRw |
| ContentType | Journal Article |
| DBID | DOA |
| DOI | 10.19678/j.issn.1000-3428.0065478 |
| DatabaseName | DOAJ Directory of Open Access Journals |
| DatabaseTitleList | |
| Database_xml | – sequence: 1 dbid: DOA name: DOAJ Directory of Open Access Journals url: https://www.doaj.org/ sourceTypes: Open Website |
| DeliveryMethod | fulltext_linktorsrc |
| Discipline | Engineering |
| EndPage | 180 |
| ExternalDocumentID | oai_doaj_org_article_34976470a7924c7aacfca7ecf6b4f281 |
| GroupedDBID | -0Y 5XA 5XJ 92H 92I ABJNI ACGFS ALMA_UNASSIGNED_HOLDINGS CCEZO CUBFJ CW9 GROUPED_DOAJ TCJ TGT U1G U5S |
| ID | FETCH-LOGICAL-d136t-6feb30875436eed910a633b36b4ef5b16eef737f5db60ecd4dc73cc70bbfae953 |
| IEDL.DBID | DOA |
| ISSN | 1000-3428 |
| IngestDate | Mon Nov 03 22:08:57 EST 2025 |
| IsDoiOpenAccess | true |
| IsOpenAccess | true |
| IsPeerReviewed | true |
| IsScholarly | true |
| Issue | 5 |
| Language | Chinese English |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-LOGICAL-d136t-6feb30875436eed910a633b36b4ef5b16eef737f5db60ecd4dc73cc70bbfae953 |
| OpenAccessLink | https://doaj.org/article/34976470a7924c7aacfca7ecf6b4f281 |
| PageCount | 8 |
| ParticipantIDs | doaj_primary_oai_doaj_org_article_34976470a7924c7aacfca7ecf6b4f281 |
| PublicationCentury | 2000 |
| PublicationDate | 2023-05-01 |
| PublicationDateYYYYMMDD | 2023-05-01 |
| PublicationDate_xml | – month: 05 year: 2023 text: 2023-05-01 day: 01 |
| PublicationDecade | 2020 |
| PublicationTitle | Ji suan ji gong cheng |
| PublicationYear | 2023 |
| Publisher | Editorial Office of Computer Engineering |
| Publisher_xml | – name: Editorial Office of Computer Engineering |
| SSID | ssj0042200 |
| Score | 2.2181373 |
| Snippet | For the detection of abnormal traffic in Industrial Control Network(ICN),a new abnormal traffic detection model based on Conditional Variational... |
| SourceID | doaj |
| SourceType | Open Website |
| StartPage | 173 |
| SubjectTerms | industrial control network(icn)|anomaly detection|data imbalance|conditional variational autoencoder(cvae)|catboost algorithm |
| Title | Research on Abnormal Traffic Detection in Industrial Control Network Based on CVAE-CatBoost |
| URI | https://doaj.org/article/34976470a7924c7aacfca7ecf6b4f281 |
| Volume | 49 |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| journalDatabaseRights | – providerCode: PRVAON databaseName: DOAJ Directory of Open Access Journals issn: 1000-3428 databaseCode: DOA dateStart: 20160101 customDbUrl: isFulltext: true dateEnd: 99991231 titleUrlDefault: https://www.doaj.org/ omitProxy: false ssIdentifier: ssj0042200 providerName: Directory of Open Access Journals |
| link | http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwrV1NSwMxEA0iInoQP_GbCF633SbZpD22tcWDFA8qBQ_L5Asqsivt6u93krTamxevWQhhZjNvBl7eI-SWB5sj6yCTPreZAMjxSjmeFZIr77BsSht1Zh_UZNKdTnuPa1ZfgROW5IFT4NpcIGAKlYPCScEoAOMNKGe81MKz-OiaYdezGqZSDRaM5UmHIMcqgx32NrmJL_OwNLff4vVq_XxrxQeWwWdtTbU_wst4n-wt-0LaT-c5IBuuOiS7a2qBR-R1xZKjdUX7ugrd5jtFsAkqEPTONZFVVdFZRX8NOegwcdHpJPG96QBhy4Ydhi_9UTaEZlDXi-aYPI9HT8P7bOmNkNkOlw2GFqfgoEYvuESYQ9AHybnmGBXnC93BRa8w3IXVMnfGCmsUN0blWntwvYKfkM2qrtwpodYzAKnBMg2iywSEKgkcNMNZg0txRgYhLuVHkr8ogyB1XMA0lcs0lX-l6fw_NrkgO8HtPfENL8lmM_90V2TLfDWzxfw6_gHfMze1Uw |
| linkProvider | Directory of Open Access Journals |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=Research+on+Abnormal+Traffic+Detection+in+Industrial+Control+Network+Based+on+CVAE-CatBoost&rft.jtitle=Ji+suan+ji+gong+cheng&rft.au=ZHANG+Zixuan%2C+ZONG+Xuejun%2C+HE+Kan%2C+LIAN+Lian&rft.date=2023-05-01&rft.pub=Editorial+Office+of+Computer+Engineering&rft.issn=1000-3428&rft.volume=49&rft.issue=5&rft.spage=173&rft.epage=180&rft_id=info:doi/10.19678%2Fj.issn.1000-3428.0065478&rft.externalDBID=DOA&rft.externalDocID=oai_doaj_org_article_34976470a7924c7aacfca7ecf6b4f281 |
| thumbnail_l | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/lc.gif&issn=1000-3428&client=summon |
| thumbnail_m | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/mc.gif&issn=1000-3428&client=summon |
| thumbnail_s | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/sc.gif&issn=1000-3428&client=summon |