International Journal of Computational Intelligence Systems (Apr 2024)

IDG-SemiAD: An Immune Detector Generation-Based Collaborative Learning Scheme for Semi-supervised Anomaly Detection in Industrial Cyber-physical Systems

  • Meng Huang,
  • Wenshan Li,
  • Junjiang He,
  • Xiaolong Lan,
  • Tao Li,
  • Nian Zhang

DOI
https://doi.org/10.1007/s44196-024-00498-5
Journal volume & issue
Vol. 17, no. 1
pp. 1 – 15

Abstract

Read online

Abstract Anomaly detection is a critical line of defense to ensure the network security of industrial cyber-physical systems. However, a significant issue in the anomaly detection is the insufficient labels of anomaly classes. With emergence of the new and unknown network attacks, accurately labeling these attacks can be a costly task. The issue of inadequate labeling may negatively impact the detection performance of many existing anomaly detection methods. To meet this gap, this paper proposes a semi-supervised collaborative learning paradigm called IDG-SemiAD, based on an immune detector generation algorithm. First, we design an immune detector generation algorithm based on a chaos map to generate abnormal samples from self-samples. Then, these abnormal samples are combined with self-samples and given specific labels to form a new training set. Finally, the LightGBM classifier is used for training and detection. Experiments on the widely used public dataset BATADAL show that the proposed IDG-SemiAD outperforms the classical v-detector method in terms of recall and f-score, with improvements of 8.2% and 8%, respectively, and outperforms deep learning-based anomaly detection methods, with a maximum improvements of up to 89.7% and 59.5% respectively.

Keywords