Control logic injection attack against Programmable Logic Controller （PLC） manipulate the physical process by tampering with the control program， thereby achieving the purpose of affecting the control process or destroying the physical facilities. Aiming at PLC control logic injection attacks， an intrusion detection method based on automatic whitelist rules generation was proposed， called PLCShield （Programmable Logic Controller Shield）. Based on the fact that PLC control program carries comprehensive and complete physical process control information， the proposed method mainly includes two stages： firstly， by analyzing the PLC program’s configuration file， instruction function， variable attribute， execution path and other information， the detection rules such as program attribute， address， value range and structure were extracted； secondly， combining actively requesting a “snapshot” of the PLC’s running and passively monitoring network traffic was used to obtain real-time information such as the current running status of PLC and the operation and status in the traffic， and the attack behavior was identified by comparing the obtained information with the detection rules. Four PLCs of different manufacturers and models were used as research cases to verify the feasibility of PLCShield. Experimental results show that the attack detection accuracy of the proposed method can reach more than 97.71%. The above prove that the proposed method is effective.

Concerning the lack of flexibility in adversarial training of Deep Convolutional Generative Adversarial Network （DCGAN） and the problems of inflexible optimization and unclear convergence state of Binary Cross-Entropy loss （BCE loss） function used in DCGAN， an improved algorithm of Generative Adversarial Network （GAN） based on arbitration mechanism was proposed. In this algorithm， the proposed arbitration mechanism was added on the basis of DCGAN. Firstly， the network structure of the proposed improved algorithm was composed of generator， discriminator， and arbiter. Secondly， the adversarial training was conducted by the generator and discriminator according to the training plan， and the abilities to generate images and verify the authenticity of images were strengthened according to the characteristics learned from the dataset respectively. Thirdly， the arbiter was generated by the generator and the discriminator after the last round of adversarial training and metric score calculation module， and the adversarial training results of the generator and the discriminator were measured by this arbiter and fed back into the training plan. Finally， a wining limit was added to the network structure to improve the stability of model training， and the Circle loss function was used to replace the BCE loss function， which made the model optimization process more flexible and the convergence state more clear. Experimental results show that the proposed algorithm has a good generation effect on the architectural and face datasets. On the Large-scale Scene UNderstanding （LSUN） dataset， the proposed algorithm has the Fréchet Inception Distance （FID） index decreased by 1.04% compared with the DCGAN original algorithm； on the CelebA dataset， the proposed algorithm has the Inception Score （IS） index increased by 4.53% compared with the DCGAN original algorithm. The images generated by the proposed algorithm have better diversity and higher quality.