An industrial network intrusion detection algorithm based on IGWO-GRU.

The openness and interconnectedness of industrial control systems (ICSs) is increasing, leading to a heightened risk of network-based attacks. Although research on industrial intrusion detection is ongoing, current methods often overlook the unique characteristics of industrial control flows. This study introduced an industrial network intrusion detection algorithm based on the improved gray wolf optimizer (IGWO) gated recurrent unit (GRU) model. Starting with the temporal aspects of industrial control network traffic, a simple GRU was chosen as the network model. By integrating the gray wolf optimizer (GWO) with autonomous learning methods, the algorithm could address the slow convergence caused by large volumes of industrial control network traffic. In response to the slow convergence of the GWO and its low optimization accuracy, this study developed the improved gray wolf optimizer (IGWO). By simulating an intrusion detection system (IDS) using datasets from the Natural Gas Pipeline Control System and Secure Water Treatment (SWaT) datasets, the experimental results demonstrated that the IGWO-GRU algorithm exhibited considerable advantages in terms of accuracy, false alarm rate, and false report rate, thereby enhancing the security capabilities of ICSs. [ABSTRACT FROM AUTHOR]