Abstract:
Intrusion detection aims to effectively detect abnormal attacks in the network, which is critical for cyber security. Considering the problem that traditional intrusion detection methods are difficult to extract effective data features from industrial control system communication data, a intrusion detection model based on correlation information entropy and CNN-BiLSTM is proposed. It combines feature selection based on correlation information entropy with fused deep learning algorithms, and thus it can effectively remove noise redundancy, reduce computation and improve detection accuracy. Firstly, the corresponding pre-processing is carried out for the imbalanced samples, and the algorithm based on correlation information entropy is implied to select the features of the samples to achieve the purposes of removing noise data and redundant features. Then, convolutional neural network (CNN) and bidirectional long short-term memory (BiLSTM) network are applied respectively to extract data features from time and space dimensions, and realize feature fusion through multi-head attention mechanism to obtain the final test results. Finally, the optimal model is obtained by the single variable principle and cross-validation method. Compared with other traditional intrusion detection methods, the model has higher accuracy (99.21%) and lower false negative rate (0.77%).