SPR: Malicious traffic detection model for CTCS-3 in railways
Siyang Zhou, Wenjiang Ji, Xinhong Hei, Zhongwei Chang, Yuan Qiu, Lei Zhu, Xin Wang
High-speed Railway, vol. 3, no. 2, pp. 105-115. Published 2025-06-01. Journal Article.
DOI: 10.1016/j.hspr.2025.04.001
https://www.sciencedirect.com/science/article/pii/S2949867825000194
Citation count: 0
Abstract
The increasingly complex and interconnected train control information network is vulnerable to a variety of malicious traffic attacks. Existing malicious traffic detection methods mainly rely on machine learning and suffer from problems such as poor robustness, weak generalization, and a lack of ability to learn common features. Therefore, this paper proposes a malicious traffic identification method based on stacked sparse denoising autoencoders combined with a regularized extreme learning machine optimized through particle swarm optimization. First, a simulation environment of the Chinese Train Control System-3 (CTCS-3) was constructed for data acquisition. Then the Pearson coefficient and other methods are used for pre-processing, a stacked sparse denoising autoencoder is used to achieve nonlinear dimensionality reduction of the features, and finally a regularized extreme learning machine optimized by particle swarm optimization is used to perform classification. Experimental data show that the proposed method has good training performance, with an average accuracy of 97.57% and a false negative rate of 2.43%, which is better than the other alternative methods. In addition, ablation experiments were performed to evaluate the contribution of each component, and the results showed that the combination of methods was superior to the individual methods. To further evaluate the generalization ability of the model in different scenarios, publicly available data sets of industrial control system networks were used. The results show that the model has robust detection capability across various types of network attacks.