EfficientTransformer: A Dynamic Anomaly Detection Model for Industrial Control Networks
As industrial control network threats become increasingly complex, traditional intrusion detection systems (IDS) struggle to capture implicit relationships due to feature redundancy and intricate feature interactions. This leads to increased computational complexity and higher detection latency, mak...
Saved in:
| Main Authors: | , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
IEEE
2025-01-01
|
| Series: | IEEE Access |
| Subjects: | |
| Online Access: | https://ieeexplore.ieee.org/document/10902390/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Summary: | As industrial control network threats become increasingly complex, traditional intrusion detection systems (IDS) struggle to capture implicit relationships due to feature redundancy and intricate feature interactions. This leads to increased computational complexity and higher detection latency, making it difficult for industrial control systems(ICS) to meet the fast and accurate response requirements for security events. In this study, we propose a dynamic anomaly detection model for industrial control networks, named EfficientTransformer. The model uses a 1D Convolutional Neural Network (1D-CNN) to extract local features from the data, while a linear multi-head self-attention mechanism, replacing the traditional Transformer’s multi-head attention mechanism, provides global learning capabilities. This reduces computational complexity and enables efficient parallel learning. Additionally, to address the issue of class imbalance, the model incorporates a weighted cross-entropy loss function that assigns higher weights to the minority class of abnormal traffic, thereby improving the model’s anomaly detection ability. This innovation further mitigates issues of feature redundancy and complex feature interactions, enhancing the model’s dynamic processing capability and accuracy. The method was validated on the Oil and Gas Gathering and Transportation Full-Process Industrial Platform Attack-Defense Field, and the Catalytic Reforming Unit Process Platform at the Key Laboratory of Information Security for the Petrochemical Industry in Liaoning Province. Experimental results show that the proposed EfficientTransformer improves accuracy by 1.01% and 2.26% compared to the standard Transformer on the two datasets and significantly reduces testing time, demonstrating its applicability in the field of industrial information security. |
|---|---|
| ISSN: | 2169-3536 |