Journal of Computer Science and Technology


CAGCN: Centrality-Aware Graph Convolution Network for Anomaly Detection in Industrial Control Systems

Jun Yang (杨骏), Yi-Qiang Sheng* (盛益强), Jin-Lin Wang (王劲林), and Hong Ni (倪宏)   

  1. National Network New Media Engineering Research Center, Institute of Acoustics, Chinese Academy of Sciences, Beijing 100190, China
    School of Electronic, Electrical and Communication Engineering, University of Chinese Academy of Sciences, Beijing 100049, China
  • Published:2022-09-08
  • Contact: Yi-Qiang Sheng
  • About author:Yi-Qiang Sheng received his Ph.D. degree in information and communications engineering from the Tokyo Institute of Technology, Tokyo, in 2014. He is currently with the National Network New Media Engineering Research Center, Chinese Academy of Sciences, Beijing, as an academic researcher and an associate professor. His research interests include smart systems, optimization algorithms, machine learning, big data, and network theory with applications.

In industrial control systems, the utilization of deep-learning-based methods achieves improvements for anomaly detection. However, most current methods ignore the association of inner components in industrial control systems. In industrial control systems, an anomaly component may affect the neighboring components therefore the connective relationship can help us to detect anomalies effectively. In this paper, we propose a centrality-aware graph convolution network (CAGCN) for anomaly detection in industrial control systems. Unlike the traditional graph convolution network model (GCN), we utilize the concept of centrality to enhance the ability of graph convolution networks to deal with the inner relationship in industrial control systems. Our experiments show that compared with GCN, our CAGCN has a better ability to utilize this relationship between components in industrial control systems. The performances of the model are evaluated on the Secure Water Treatment (SWaT) dataset and the Water Distribution (WADI) dataset, the two most common industrial control systems datasets in the field of industrial anomaly detection. The experimental results show that our CAGCN achieves better results on precision, recall, and F1 score than the state-of-the-art methods.


4、结果(Result & Findings):对比实验结果表明,本文提出的中心性感知图卷积网络取得了比一系列最新方法更好的性能,同时实验表明本算法当使用自学习组合中心性时比使用其他中心性时取得了更好的结果,结果如下:精确率在SWaT数据集中为0.991,在WADI数据集中为0.942;召回率在SWaT数据集中为0.872,在WADI数据集中为0.952;F1分数在SWaT数据集中为0.928,在WADI数据集中为0.947。

Key words: graph convolution network; data mining; network centrality; anomaly detection; industrial control systems;

[1] Zhao-Yang Wang, Bei-Hong Jin, Tingjian Ge, Tao-Feng Xue. Detecting Anomalous Bus-Driving Behaviors from Trajectories [J]. Journal of Computer Science and Technology, 2020, 35(5): 1047-1063.
[2] Hui-Na Chao, Hua-Wei Li, Xiaoyu Song, Tian-Cheng Wang, Xiao-Wei Li. Evaluating and Constraining Hardware Assertions with Absent Scenarios [J]. Journal of Computer Science and Technology, 2020, 35(5): 1198-1216.
[3] De-Fu Lian, Qi Liu. Jointly Recommending Library Books and Predicting Academic Performance: A Mutual Reinforcement Perspective [J]. , 2018, 33(4): 654-667.
[4] Guo-Wei Wang, Jin-Dou Zhang, Jing Li. Complete Your Mobility: Linking Trajectories Across Heterogeneous Mobility Data Sources [J]. , 2018, 33(4): 792-806.
[5] Yu-Geng Song, Hui-Min Cui, Xiao-Bing Feng. Parallel Incremental Frequent Itemset Mining for Large Data [J]. , 2017, 32(2): 368-385.
[6] Shi-Ming Guo, Hong Gao. HUITWU: An Efficient Algorithm for High-Utility Itemset Mining in Transaction Databases [J]. , 2016, 31(4): 776-786.
[7] Wu Yang Guo-Wei Shen, Wei Wang, Liang-Yi Gong, Miao Yu, Guo-Zhong Dong. Anomaly Detection in Microblogging via Co-Clustering [J]. , 2015, 30(5): 1097-1108.
[8] Cheng Chen, Kui Wu, Venkatesh Srinivasan, Kesav Bharadwaj R. The Best Answers? Think Twice: Identifying Commercial Campagins in the CQA Forums [J]. , 2015, 30(4): 810-828.
[9] Ke-Yan Cao, Guo-Ren Wang, Dong-Hong Han, Guo-Hui Ding, Ai-Xia Wang, and Ling-Xu Shi. Continuous Outlier Monitoring on Uncertain Data Streams [J]. , 2014, 29(3): 436-448.
[10] Wei Luo, Marcus Gallagher, and Janet Wiles. Parameter-Free Search of Time-Series Discord [J]. , 2013, 28(2): 300-310.
[11] Philip Leroux, Student Member, IEEE, Bart Dhoedt, Member, IEEE, Piet Demeester, Fellow, IEEE, and Filip De Turck, Senior Member, IEEE. Performance Characterization of Game Recommendation Algorithms on Online Social Network Sites [J]. , 2012, 27(3): 611-623.
[12] Bin Zhang (张宾), Jia-Hai Yang (杨家海), Member, CCF, ACM, IEEE Jian-Ping Wu (吴建平), Fellow, IEEE, Member, CCF, ACM, and Ying-Wu Zhu (朱应武). Diagnosing Traffic Anomalies Using a Two-Phase Model [J]. , 2012, (2): 313-327.
[13] Jun-Qiang Liu (刘君强). Publishing Set-Valued Data Against Realistic Adversaries [J]. , 2012, 27(1): 24-36.
[14] Xiu-Li Ma (马秀莉), Hai-Feng Hu (胡海峰), Shuang-Feng Li (李双峰), Hong-Mei Xiao (肖红梅), Qiong Luo (罗琼), Dong-Qing Yang (杨冬青), Member,CCF, and Shi-Wei Tang (唐世渭), Senior Member, CCF. DHC: Distributed, Hierarchical Clustering in Sensor Networks [J]. , 2011, 26(4): 643-662.
[15] Yuan Jiang (姜远), Member, CCF, Ming Li (黎铭), Member, CCF, ACM, IEEE, and Zhi-Hua Zhou (周志华), Senior Member, CCF, IEEE, <. Software Defect Detection with ROCUS [J]. , 2011, 26(2): 328-342.
Full text



No Suggested Reading articles found!

ISSN 1000-9000(Print)

CN 11-2296/TP

Editorial Board
Author Guidelines
Journal of Computer Science and Technology
Institute of Computing Technology, Chinese Academy of Sciences
P.O. Box 2704, Beijing 100190 P.R. China
  Copyright ©2015 JCST, All Rights Reserved