引用本文:庄康熙,孙子文.针对工业信息物理系统中的拒绝服务攻击建立检测模型[J].控制理论与应用,2020,37(3):629~638.[点击复制]
ZHUANG-Kang-xi,SUN Zi-Wen.Establishing a detection model for denial of service attacks in industrial cyber physical systems[J].Control Theory and Technology,2020,37(3):629~638.[点击复制]
针对工业信息物理系统中的拒绝服务攻击建立检测模型
Establishing a detection model for denial of service attacks in industrial cyber physical systems
摘要点击 2746  全文点击 1046  投稿时间:2018-11-07  修订日期:2019-06-30
查看全文  查看/发表评论  下载PDF阅读器
DOI编号  10.7641/CTA.2019.80876
  2020,37(3):629-638
中文关键词  工业信息物理系统  DoS攻击  卡尔曼滤波器  卡方检测器
英文关键词  Industrial-Cyber-physical systems  DoS attack  Kalman filter  Chi-square detector
基金项目  国家自然科学基金
作者单位E-mail
庄康熙 江南大学 zz-kangxi@foxmail.com 
孙子文* 江南大学 sunziwen@jiangnan.edu.cn 
中文摘要
      无线通信网络的脆弱性使工业信息物理系统(ICPS)的稳定性容易遭受拒绝服务(DoS)攻击的影响. 为检测ICPS中的DoS攻击, 本文基于反馈控制理论, 采用卡尔曼滤波器和卡方检测器结合的检测方案建立攻击检测模型. 卡尔曼滤波器用于去除环境噪声, 并得到测量残差; 卡方检测器通过测量残差得到检测值, 再结合攻击检测判决规则, 判断系统是否受到DoS攻击. 为证明所采用方法的有效性, 以球杆系统为被控对象, 通过Simulink/TrueTime进行仿真, 并使用欧几里得检测器作对比实验. 实验结果表明, 基于反馈控制理论的攻击检测模型可以有效地检测ICPS中的DoS攻击; 相较于欧几里得检测器, 卡方检测器能够更好地用于检测DoS攻击。
英文摘要
      The vulnerability of wireless communication networks makes the stability of industrial cyber physical systems (ICPS) vulnerable to denial of service (DoS) attacks. In order to detect the DoS attack in ICPS, this paper studies an attack detection model based on the feedback control theory, the detection scheme is combined with Kalman filter and chi-square detector. The Kalman filter is used to remove the environmental noise and obtain the measurement residual. The chi-square detector obtains the detected value by measuring the residual, and then combines the attack detection decision rule to determine whether the system is under the DoS attack. In order to prove the effectiveness and superiority of the method, the ball-beam system is used as the controlled object, Simulink/TrueTime is used for simulation, and the euclidean detector is used for comparison experiments. The simulation results show that the attack detection model based on feedback control theory can effectively detect the denial of service attack in ICPS. Compared with the euclidean detector, the chi-square detector can achieve better detection for detecting DoS attacks.