[1] KNOWLES W, PRINCE D, JONES K, et al. A survey of cyber security management in industrial control systems[J]. International Journal of Critical Infrastructure Protection, 2015, 9(C):52-80. [2] 尚文利, 安攀峰, 万明,等. 工业控制系统入侵检测技术的研究及发展综述[J]. 计算机应用研究, 2017, 34(2):328-333,342.(SHANG W L, AN P F, WAN M, et al. Research and development overview of intrusion detection technology in industrial control system[J]. Application Research of Computers, 2017, 34(2):328-333,342.) [3] 杨安, 孙利民, 王小山,等. 工业控制系统入侵检测技术综述[J]. 计算机研究与发展, 2016, 53(9):2039-2054.(YANG A, SUN L M, WANG X S, et al. Intrusion detection techniques for industrial control systems[J]. Journal of Computer Research and Development, 2016, 53(9):2039-2054.) [4] NADER P. One-class classification for cyber intrusion detection in industrial systems[J]. IEEE Transactions on Industrial Informatics, 2015, 10(4):2308-2317. [5] 尚文利, 李琳, 万明,等. 基于优化单类支持向量机的工业控制系统入侵检测算法[J]. 信息与控制, 2015, 44(6):678-684.(SHANG W L, LI L, WAN M, et al. Intrusion detection algorithm based on optimized one-class support vector machine for industrial control system[J]. Information and Control, 2015, 44(6):678-684.) [6] HOFFMANN H. Kernel PCA for novelty detection[J]. Pattern Recognition, 2007, 40(3):863-874. [7] BARTMAN T, KRAFT J. An introduction to applying network intrusion detection for industrial control systems[EB/OL].[2017-06-20]. http://sel-cables.com/api/download/114922/. [8] 万明, 尚文利, 曾鹏,等. 基于功能码深度检测的Modbus/TCP通信访问控制方法[J]. 信息与控制, 2016, 45(2):248-256.(WAN M, SHANG W L, ZENG P, et al. Modbus/TCP communication control method based on deep function code inspection[J]. Information and Control, 2016, 45(2):248-256.) [9] KIM G, LEE S, KIM S. A novel hybrid intrusion detection method integrating anomaly detection with misuse detection[J]. Expert Systems with Applications, 2014, 41(4):1690-1700. [10] 吴丽云, 李生林, 甘旭升,等. 基于PLS特征提取的网络异常入侵检测CVM模型[J]. 控制与决策, 2017, 32(4):755-758.(WU L Y, LI S L, GAN X S, et al. Network anomaly intrusion detection CVM model based on PLS feature extraction[J]. Control and Decision, 2017, 32(4):755-758.) [11] NADER P, HONEINE P, BEAUSEROY P. Lp-norms in one-class classification for intrusion detection in SCADA systems[J]. IEEE Transactions on Industrial Informatics, 2014, 10(4):2308-2317. [12] HANBIAO L I. A new kind of SVM intrusion detection strategy for integration[J]. Computer Engineering & Applications, 2012, 94(3):1289-1291. [13] 尚文利, 张盛山, 万明,等. 基于PSO-SVM的Modbus TCP通讯的异常检测方法[J].电子学报, 2014, 42(11):2314-2320.(SHANG W L, ZHANG S S, WAN M, et al. Modbus/TCP communication anomaly detection algorithm based on PSO-SVM[J].Acta Electronica Sinica, 2014, 42(11):2314-2320.) [14] 李琳, 尚文利, 姚俊,等. 单类支持向量机在工业控制系统入侵检测中的应用研究综述[J].计算机应用研究, 2016, 33(1):7-11.(LI L, SHANG W L, YAO J, et al. Overview of one-class support vector machine in intrusion detection of industrial control system[J].Application Research of Computers,2016, 33(1):7-11.) [15] AMER M, GOLDSTEIN M, ABDENNADHER S. Enhancing one-class support vector machines for unsupervised anomaly detection[C]//Proceedings of the ACM SIGKDD Workshop on Outlier Detection and Description. New York:ACM, 2013:8-15. [16] MUDA Z, YASSIN W, SULAIMAN M N, et al. Intrusion detection based on k-means clustering and OneR classification[C]//Proceedings of the 20117th International Conference on Information Assurance and Security. Piscataway, NJ:IEEE, 2012:192-197. [17] 王茜, 刘胜会.改进K-means算法在入侵检测中的应用研究[J]. 计算机工程与应用, 2015, 51(17):124-127.(WANG Q, LIU S H. Application research of improved K-means algorithm in intrusion detection[J]. Computer Engineering and Applications, 2015, 51(17):124-127.) [18] MORRIS T, GAO W. Industrial control system traffic data sets for intrusion detection research[C]//ICCIP 2014:Proceedings of the 2014 International Conference on Critical Infrastructure Protection. Berlin:Springer, 2014:65-78. |