Responsive image
博碩士論文 etd-0607123-154354 詳細資訊
Title page for etd-0607123-154354
運用生成對抗樣本改善工業控制系統 入侵偵測系統之穩健度
Improving the Robustness of Intrusion Detection System of Industrial Control System by Using Generative Adversarial Samples
Year, semester
Number of pages
Advisory Committee
Date of Exam
Date of Submission
Generative Adversarial Networks, Industrial Control System, Intrusion Detection, Fuzz Testing, Deep Learning
本論文已被瀏覽 146 次,被下載 0
The thesis/dissertation has been browsed 146 times, has been downloaded 0 times.
The convergence of Industrial Control System(ICS) network and Information Technology(IT) network enables traditional manufacturers to leverage modern technologies for automated production. However, the network protocols for ICS possess limited defense mechanisms against potential threats since they were designed for deployment in isolated environments. Consequently, the exposure of ICS network has led to an array of emerging cyberattacks. The need for safeguarding against these novel cyberattacks necessitates the development of a robust intrusion detection system capable of promptly alerting security personnel.
The robustness and reliability of an intrusion detection system heavily relies on the quality of its training data. Current Intrusion Detection Systems(IDS) confront challenges related to insufficient and imbalanced data, which significantly affect their detection rates. Generative adversarial networks offer a solution by generating realistic data based on existing data, and a wide variety of Generative Adversarial Networks(GAN) variants cater to different data types. By appropriately synthesizing generated and existing data, the issues of data quality can be address, subsequently improve the performance of IDS.
This study employs Conditional Tabular GAN (CTGAN) as it is redesigned for generating tabular data. Furthermore, several constraint rules are also defined within CTGAN model to ensure that the generated data are accurate in accordance with the protocols. Additionally, this study also incorporates fuzzing as complementary techniques during evaluation. And according to the evaluation results, the IDS trained with synthetic data that combines CTGAN data, fuzzing data and existing data yields the best performance.
目次 Table of Contents
論文審定書 i
中文摘要 ii
英文摘要 iii
圖次 vi
表次 vii
第一章 序論 1
1.1 研究背景 1
1.2 研究動機 3
1.3 研究目的 4
第二章 文獻探討 6
2.1對抗式資料生成 6
2.1.1生成對抗網路 7
2.1.2對抗式攻擊 11
2.2 模型改善方法 12
2.3 模糊測試 14
第三章 研究方法 16
3.1對抗式樣本生成模組 20
3.1.1 CTGAN演算法 20
3.1.2相關限制 23
3.1.3 Fuzzing相關演算法 24
3.2 IDS模型改善模組 25
第四章 系統評估 28
4.1實驗概述 28
4.1.1評估方法 28
4.1.2實驗資料集簡介 29
4.1.3實驗設計 31
4.2 FUZZING資料生成 33
4.3 CTGAN資料生成 38
4.3.1 CTGAN資料訓練模型 IDS-MCT 38
4.3.2 CTGAN資料訓練模型 IDS-BCT 42
4.4 資料混合訓練模型 IDS-BCTFZ 46
4.5 與其他方法比較 47
第五章 研究貢獻與未來展望 48
參考文獻 50
參考文獻 References
[1] A. Ribeiro, "Widening threat landscape brings a multitude of challenges to industrial, manufacturing enterprises,", 20211219 2021. [Online]. Available:
[2] 趨勢科技, "什麼是工業控制系統(Industrial Control System,ICS) ?," 資安趨勢部落格, 20210419 2021. [Online]. Available:
[3] 趨勢科技, "工業設備網路攻擊造成企業數百萬美元損失," 20220609 2022. [Online]. Available:
[4] 數位資安, "美國佛州淨水廠網路攻擊事件,凸顯關鍵基礎設施資安防護仍顯脆弱," 20210304 2021. [Online]. Available:
[5] 周峻佑, "伊朗鐵路系統遭入侵,駭客散布班次延誤或取消的不實資訊," 電週文化事業, 2021. [Online]. Available:
[6] I. Ilascu, "Iranian gas stations out of service after distribution network hacked," BLEEPINGCOMPUTER, 20211026 2021. [Online]. Available:
[7] 陳曉莉, "FBI證實攻擊燃油管道系統Colonial Pipeline的兇手為DarkSide," in iThome, ed, 2021.
[8] 周峻佑, "多國警告全球關鍵基礎設施成俄羅斯下一波攻擊目標、手機晶片漏洞恐波及安卓用戶," 電週文化事業, 2022. [Online]. Available:
[9] P. H. Duy and N. N. Diep, "Intrusion detection using deep neural network," Southeast Asian Journal of Sciences, vol. 5, no. 2, pp. 111-125, 2017.
[10] T. A. Tang, L. Mhamdi, D. McLernon, S. A. R. Zaidi, and M. Ghogho, "Deep learning approach for network intrusion detection in software defined networking," in 2016 international conference on wireless networks and mobile communications (WINCOM), 2016: IEEE, pp. 258-263.
[11] C. Yin, Y. Zhu, J. Fei, and X. He, "A deep learning approach for intrusion detection using recurrent neural networks," Ieee Access, vol. 5, pp. 21954-21961, 2017.
[12] N. Akhtar and A. Mian, "Threat of adversarial attacks on deep learning in computer vision: A survey," Ieee Access, vol. 6, pp. 14410-14430, 2018.
[13] H. Qiu, T. Dong, T. Zhang, J. Lu, G. Memmi, and M. Qiu, "Adversarial attacks against network intrusion detection in IoT systems," IEEE Internet of Things Journal, vol. 8, no. 13, pp. 10327-10335, 2020.
[14] J. Dong, Z. Guan, L. Wu, X. Du, and M. Guizani, "A sentence-level text adversarial attack algorithm against IIoT based smart grid," Computer Networks, vol. 190, p. 107956, 2021.
[15] V. Ballet, X. Renard, J. Aigrain, T. Laugel, P. Frossard, and M. Detyniecki, "Imperceptible adversarial attacks on tabular data," arXiv preprint arXiv:1911.03274, 2019.
[16] I. Goodfellow et al., "Generative adversarial networks," Communications of the ACM, vol. 63, no. 11, pp. 139-144, 2020.
[17] M. H. Shahriar, N. I. Haque, M. A. Rahman, and M. Alonso, "G-ids: Generative adversarial networks assisted intrusion detection system," in 2020 IEEE 44th Annual Computers, Software, and Applications Conference (COMPSAC), 2020: IEEE, pp. 376-385.
[18] L. Xu, M. Skoularidou, A. Cuesta-Infante, and K. Veeramachaneni, "Modeling tabular data using conditional gan," Advances in Neural Information Processing Systems, vol. 32, 2019.
[19] A. A. Alqarni and E.-S. M. El-Alfy, "Improving Intrusion Detection for Imbalanced Network Traffic using Generative Deep Learning," International Journal of Advanced Computer Science and Applications, vol. 13, no. 4, 2022.
[20] J. Jia, P. Wu, K. Zhang, and J. Zhong, "Imbalanced Disk Failure Data Processing Method Based on CTGAN," in International Conference on Intelligent Computing, 2022: Springer, pp. 638-649.
[21] S. Ndichu, T. Ban, T. Takahashi, and D. Inoue, "Security-Alert Screening with Oversampling Based on Conditional Generative Adversarial Networks," in 2022 17th Asia Joint Conference on Information Security (AsiaJCIS), 2022: IEEE, pp. 1-7.
[22] D. G. Nyambo, N. Ngulumbi, N. Mduma, R. Sinde, and T. Lyimo, "Data Synthesis Technique for Categorical Pestes Des Petits Ruminants (PPR) Data Using CTGAN Model," 2023.
[23] K. Sauka, G.-Y. Shin, D.-W. Kim, and M.-M. Han, "Adversarial robust and explainable network intrusion detection systems based on deep learning," Applied Sciences, vol. 12, no. 13, p. 6451, 2022.
[24] M. Lopez-Martin, A. Sanchez-Esguevillas, J. I. Arribas, and B. Carro, "Supervised contrastive learning over prototype-label embeddings for network intrusion detection," Information Fusion, vol. 79, pp. 200-228, 2022.
[25] M. Pawlicki, M. Choraś, and R. Kozik, "Defending network intrusion detection systems against adversarial evasion attacks," Future Generation Computer Systems, vol. 110, pp. 148-154, 2020.
[26] M. Ring, D. Schlör, D. Landes, and A. Hotho, "Flow-based network traffic generation using generative adversarial networks," Computers & Security, vol. 82, pp. 156-172, 2019.
[27] Y. Yang, K. Zheng, B. Wu, Y. Yang, and X. Wang, "Network intrusion detection based on supervised adversarial variational auto-encoder with regularization," IEEE access, vol. 8, pp. 42169-42184, 2020.
[28] G. Caminero, M. Lopez-Martin, and B. Carro, "Adversarial environment reinforcement learning algorithm for intrusion detection," Computer Networks, vol. 159, pp. 96-109, 2019.
[29] I. Debicha, R. Bauwens, T. Debatty, J.-M. Dricot, T. Kenaza, and W. Mees, "TAD: Transfer learning-based multi-adversarial detection of evasion attacks against network intrusion detection systems," Future Generation Computer Systems, vol. 138, pp. 185-197, 2023.
[30] Q. Zou, A. Singhal, X. Sun, and P. Liu, "Generating comprehensive data with protocol fuzzing for applying deep learning to detect network attacks," arXiv preprint arXiv:2012.12743, 2020.
[31] J. Li, B. Zhao, and C. Zhang, "Fuzzing: a survey," Cybersecurity, vol. 1, no. 1, pp. 1-13, 2018.
[32] M. Böhme, V.-T. Pham, M.-D. Nguyen, and A. Roychoudhury, "Directed greybox fuzzing," in Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, 2017, pp. 2329-2344.
[33] Á. L. P. Gómez et al., "On the generation of anomaly detection datasets in industrial control systems," IEEE Access, vol. 7, pp. 177460-177473, 2019.
電子全文 Fulltext
論文使用權限 Thesis access permission:自定論文開放時間 user define
開放時間 Available:
校內 Campus:開放下載的時間 available 2028-07-07
校外 Off-campus:開放下載的時間 available 2028-07-07

您的 IP(校外) 位址是
現在時間是 2024-04-16
論文校外開放下載的時間是 2028-07-07

Your IP address is
The current date is 2024-04-16
This thesis will be available to you on 2028-07-07.

紙本論文 Printed copies
開放時間 available 2028-07-07

QR Code