In this study, a new industrial intrusion detection method is introduced for the control system of rotating machines as critical assets in many industries. Data tampering is a major attack on the control systems which disrupts the functionality of the asset. Hence, our objective is to detect data manipulations in the system. We use the behavior of the rotating machine to propose new industrial intrusion detection for the control system of the rotating machine by machine learning techniques. The behavior is elicited by the data of sensors under all the conditions of the rotating machine operation. In this work, the nonlinear regression, novelty detection, outlier detection, and classification approaches are implemented to create behavioral model. On each implementation, online data are compared with the real data of behavior prediction model during the operation of the rotating machine to detect any abnormality. According to our experimental results, the accuracy of the behavioral models created by the One-classSVM novelty detection, k- Nearest Neighbor (kNN) outlier detection, decision tree classifier, k-Neighbors classifier, random forest classifier, and AdaBoost classifier is obtained as 0.98, 0.994, 0.999, 0.999, 0.999, and 0.999, respectively. The results indicate that the proposed industrial intrusion detection method is able to detect the data tampering attacks on the control system of the rotating machines very accurately.

在这项研究中，针对作为许多行业关键资产的旋转机械的控制系统，引入了一种新的工业入侵检测方法。数据篡改是对控制系统的重大攻击，会破坏资产的功能。因此，我们的目标是检测系统中的数据操作。我们利用旋转机器的行为，通过机器学习技术为旋转机器的控制系统提出新的工业入侵检测。该行为是由传感器在旋转机器运行的所有条件下的数据引发的。在这项工作中，实现了非线性回归、新颖性检测、异常值检测和分类方法来创建行为模型。在每次实施时，在线数据与旋转机械运行过程中行为预测模型的真实数据进行比较，检测任何异常。根据我们的实验结果，由 One-classSVM 新颖性检测、k-最近邻 (kNN) 异常值检测、决策树分类器、k-Neighbors 分类器、随机森林分类器和 AdaBoost 分类器创建的行为模型的准确性为分别为 0.98、0.994、0.999、0.999、0.999 和 0.999。结果表明，所提出的工业入侵检测方法能够非常准确地检测对旋转机械控制系统的数据篡改攻击。由 One-classSVM 新颖性检测、k-最近邻 (kNN) 异常值检测、决策树分类器、k-Neighbors 分类器、随机森林分类器和 AdaBoost 分类器创建的行为模型的准确度为 0.98、0.994、0.999，分别为 0.999、0.999 和 0.999。结果表明，所提出的工业入侵检测方法能够非常准确地检测对旋转机械控制系统的数据篡改攻击。由 One-classSVM 新颖性检测、k-最近邻 (kNN) 异常值检测、决策树分类器、k-Neighbors 分类器、随机森林分类器和 AdaBoost 分类器创建的行为模型的准确度为 0.98、0.994、0.999，分别为 0.999、0.999 和 0.999。结果表明，所提出的工业入侵检测方法能够非常准确地检测对旋转机械控制系统的数据篡改攻击。