基于机器学习的3D打印中恶意g代码操作的早期检测

IF 6.1 1区工程技术 Q1 ENGINEERING, MANUFACTURING

Journal of Manufacturing Processes Pub Date : 2025-04-25 DOI:10.1016/j.jmapro.2025.04.012

Hala Ali, Alberto Cano, Irfan Ahmed

{"title":"基于机器学习的3D打印中恶意g代码操作的早期检测","authors":"Hala Ali, Alberto Cano, Irfan Ahmed","doi":"10.1016/j.jmapro.2025.04.012","DOIUrl":null,"url":null,"abstract":"<div><div>The increased adoption of 3D printing across various critical manufacturing sectors has made it a fruitful target for adversaries, particularly through the manipulation of G-code instructions that control the operations of 3D printers. Simple modifications to these instructions could significantly impact the integrity of 3D-printed objects. While side-channel analysis during printing is a common detection method, identifying potential malicious G-code before printing can save time and resources. Existing work relies on primitive encryption and hashing techniques and cannot distinguish between benign and malicious G-code instructions. It assumes that G-code files are benign and uses them as a reference model, focusing only on the integrity checking of G-code during storage and transmission. This paper introduces a novel automated approach to efficiently differentiate between benign and subtly manipulated G-code caused by filament, thermodynamic, and Z-profile attacks without requiring a reference model. As the first study leveraging recent advancements in Machine Learning (ML), we address several challenges in dataset generation, feature engineering, G-code segmenting and labeling, and ML classifier selection. We generate diverse G-code datasets to identify the optimal dataset characteristics and conduct a comprehensive formal analysis to extract the most suitable features. Efficient labeling strategies are employed at both layer and command levels, using the Multiple Instance Learning (MIL) paradigm for the former. We adopt the Bidirectional Long Short-Term Memory (Bi-LSTM) model enhanced by an attention mechanism and focal loss function for layer classification. Meanwhile, the Random Forest (RF) algorithm and Multilayer Perceptron (MLP) neural network model are used for command classification. All classifiers are designed to handle the imbalanced dataset. Experimental evaluation demonstrates the efficacy of our approach. The Bi-LSTM model achieves F1 scores up to 91.3% in detecting filament attacks, while the RF algorithm performs better in detecting nuanced thermodynamic and Z-profile changes at the command level, achieving F1 scores between 81.6% and 99.3%.</div></div>","PeriodicalId":16148,"journal":{"name":"Journal of Manufacturing Processes","volume":"145 ","pages":"Pages 211-235"},"PeriodicalIF":6.1000,"publicationDate":"2025-04-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Machine learning-based early detection of malicious G-code manipulations in 3D printing\",\"authors\":\"Hala Ali, Alberto Cano, Irfan Ahmed\",\"doi\":\"10.1016/j.jmapro.2025.04.012\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><div>The increased adoption of 3D printing across various critical manufacturing sectors has made it a fruitful target for adversaries, particularly through the manipulation of G-code instructions that control the operations of 3D printers. Simple modifications to these instructions could significantly impact the integrity of 3D-printed objects. While side-channel analysis during printing is a common detection method, identifying potential malicious G-code before printing can save time and resources. Existing work relies on primitive encryption and hashing techniques and cannot distinguish between benign and malicious G-code instructions. It assumes that G-code files are benign and uses them as a reference model, focusing only on the integrity checking of G-code during storage and transmission. This paper introduces a novel automated approach to efficiently differentiate between benign and subtly manipulated G-code caused by filament, thermodynamic, and Z-profile attacks without requiring a reference model. As the first study leveraging recent advancements in Machine Learning (ML), we address several challenges in dataset generation, feature engineering, G-code segmenting and labeling, and ML classifier selection. We generate diverse G-code datasets to identify the optimal dataset characteristics and conduct a comprehensive formal analysis to extract the most suitable features. Efficient labeling strategies are employed at both layer and command levels, using the Multiple Instance Learning (MIL) paradigm for the former. We adopt the Bidirectional Long Short-Term Memory (Bi-LSTM) model enhanced by an attention mechanism and focal loss function for layer classification. Meanwhile, the Random Forest (RF) algorithm and Multilayer Perceptron (MLP) neural network model are used for command classification. All classifiers are designed to handle the imbalanced dataset. Experimental evaluation demonstrates the efficacy of our approach. The Bi-LSTM model achieves F1 scores up to 91.3% in detecting filament attacks, while the RF algorithm performs better in detecting nuanced thermodynamic and Z-profile changes at the command level, achieving F1 scores between 81.6% and 99.3%.</div></div>\",\"PeriodicalId\":16148,\"journal\":{\"name\":\"Journal of Manufacturing Processes\",\"volume\":\"145 \",\"pages\":\"Pages 211-235\"},\"PeriodicalIF\":6.1000,\"publicationDate\":\"2025-04-25\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Journal of Manufacturing Processes\",\"FirstCategoryId\":\"5\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S1526612525003937\",\"RegionNum\":1,\"RegionCategory\":\"工程技术\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"ENGINEERING, MANUFACTURING\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Manufacturing Processes","FirstCategoryId":"5","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1526612525003937","RegionNum":1,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"ENGINEERING, MANUFACTURING","Score":null,"Total":0}

引用次数: 0

摘要

3D打印在各个关键制造领域的应用越来越多，这使得它成为对手的目标，特别是通过操纵控制3D打印机操作的g代码指令。对这些指令的简单修改可能会显著影响3d打印对象的完整性。虽然在打印过程中进行侧信道分析是常见的检测方法，但在打印之前识别潜在的恶意g代码可以节省时间和资源。现有的工作依赖于原始的加密和散列技术，无法区分良性和恶意的g代码指令。它假设g代码文件是良性的，并将其作为参考模型，只关注g代码在存储和传输过程中的完整性检查。本文介绍了一种新的自动化方法，可以在不需要参考模型的情况下有效区分由细丝、热力学和z型攻击引起的良性和微妙操纵的g代码。作为第一个利用机器学习（ML）最新进展的研究，我们解决了数据集生成、特征工程、g代码分割和标记以及ML分类器选择方面的几个挑战。我们生成不同的g代码数据集，以确定最佳数据集特征，并进行全面的形式化分析，以提取最合适的特征。在层和命令级都采用了有效的标记策略，前者使用了多实例学习（MIL）范式。我们采用双向长短期记忆（Bidirectional Long - short Memory, Bi-LSTM）模型，增强了注意机制和焦点丢失函数。同时，采用随机森林（RF）算法和多层感知器（MLP）神经网络模型进行命令分类。所有分类器的设计都是为了处理不平衡的数据集。实验验证了该方法的有效性。Bi-LSTM模型在检测细丝攻击方面的F1得分高达91.3%，而RF算法在检测细微的热力学和z型曲线变化方面表现更好，F1得分在81.6%到99.3%之间。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Machine learning-based early detection of malicious G-code manipulations in 3D printing

The increased adoption of 3D printing across various critical manufacturing sectors has made it a fruitful target for adversaries, particularly through the manipulation of G-code instructions that control the operations of 3D printers. Simple modifications to these instructions could significantly impact the integrity of 3D-printed objects. While side-channel analysis during printing is a common detection method, identifying potential malicious G-code before printing can save time and resources. Existing work relies on primitive encryption and hashing techniques and cannot distinguish between benign and malicious G-code instructions. It assumes that G-code files are benign and uses them as a reference model, focusing only on the integrity checking of G-code during storage and transmission. This paper introduces a novel automated approach to efficiently differentiate between benign and subtly manipulated G-code caused by filament, thermodynamic, and Z-profile attacks without requiring a reference model. As the first study leveraging recent advancements in Machine Learning (ML), we address several challenges in dataset generation, feature engineering, G-code segmenting and labeling, and ML classifier selection. We generate diverse G-code datasets to identify the optimal dataset characteristics and conduct a comprehensive formal analysis to extract the most suitable features. Efficient labeling strategies are employed at both layer and command levels, using the Multiple Instance Learning (MIL) paradigm for the former. We adopt the Bidirectional Long Short-Term Memory (Bi-LSTM) model enhanced by an attention mechanism and focal loss function for layer classification. Meanwhile, the Random Forest (RF) algorithm and Multilayer Perceptron (MLP) neural network model are used for command classification. All classifiers are designed to handle the imbalanced dataset. Experimental evaluation demonstrates the efficacy of our approach. The Bi-LSTM model achieves F1 scores up to 91.3% in detecting filament attacks, while the RF algorithm performs better in detecting nuanced thermodynamic and Z-profile changes at the command level, achieving F1 scores between 81.6% and 99.3%.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Journal of Manufacturing Processes ENGINEERING, MANUFACTURING-

CiteScore

10.20

自引率

11.30%

发文量

833

审稿时长

50 days

期刊介绍： The aim of the Journal of Manufacturing Processes (JMP) is to exchange current and future directions of manufacturing processes research, development and implementation, and to publish archival scholarly literature with a view to advancing state-of-the-art manufacturing processes and encouraging innovation for developing new and efficient processes. The journal will also publish from other research communities for rapid communication of innovative new concepts. Special-topic issues on emerging technologies and invited papers will also be published.