Design of Intrusion Detection System for Oil and Gas Production IoT #br#
Based on Edgecloud Collaboration#br#

Journal of Information Security Reserach ›› 2025, Vol. 11 ›› Issue (9): 868-.

Design of Intrusion Detection System for Oil and Gas Production IoT #br# Based on Edgecloud Collaboration#br#

Qian Yongao1, Deng Tao2, Ma Yun3, Zhou Chunjie1, Yan Kui4, and Zhang Weiping4

1(School of Artificial Intelligence and Automation, Huazhong University of Science and Technology, Wuhan 430074)
2(Science and Technology Information Department, PetroChina Xinjiang Oilfield Company, Karamay, Xinjiang 834099)
3(Oil Production Technology Research Institute, PetroChina Xinjiang Oilfield Company, Karamay, Xinjiang 834099)
4(AISenz Inc., Shenzhen, Guangdong 518057)

Online:2025-09-30 Published:2025-09-30

基于边云协同的油气生产物联网入侵检测系统设计

钱永傲1邓涛2马赟3周纯杰1燕葵4张卫平4

1(华中科技大学人工智能与自动化学院武汉430074)
2(中国石油新疆油田公司科技信息部新疆克拉玛依834099)
3(中国石油新疆油田公司采油工艺研究院新疆克拉玛依834099)
4(深圳市艾森智能技术有限公司广东深圳518057)

通讯作者: 周纯杰博士，教授.主要研究方向为工业互联网及工业信息物理系统安全. cjiezhou@hust.edu.cn
作者简介:钱永傲博士研究生.主要研究方向为信息安全与系统安全. qianya@hust.edu.cn 邓涛高级工程师.主要研究方向为物联网工程. 228198102@qq.com 马赟硕士,高级工程师.主要研究方向为自动化、物联网、数字孪生. xj8091@126.com 周纯杰博士，教授.主要研究方向为工业互联网及工业信息物理系统安全. cjiezhou@hust.edu.cn 燕葵硕士.主要研究方向为工业物联网产品. yankui03@tsinghua.org.cn 张卫平博士,研究员.主要研究方向为工业无线网络、机器人及自动化. Simon.zhang@aisenz.com

Abstract

Abstract: Aiming at the multifaceted intrusion threats in the oil and gas production IoT, this paper proposes an intrusion detection system based on edgecloud collaboration. The system is designed to meet the high requirements for realtime performance and accuracy, while overcoming challenges such as limited edge computing resources and data heterogeneity between edge and cloud environments. The system adopts a cloudedge collaborative architecture, with different intrusion detection subsystems deployed at the edgecloud, working in coordination to ensure comprehensive protection. The edge uses a model based on independent classification and joint analysis to accurately detect anomalies in multiple physical data, achieving detection speeds within 100 milliseconds. The cloud uses a model based on feature extraction + XGBoost, and adopts pretraining and finetuning to obtain a detection model with both anomaly traffic detection capability and low false alarm rate. The simulation results show that the system achieves high accuracy and realtime performance, adapts to the differences in available computing resources of the edge and cloud devices, and satisfies the performance requirements of intrusion detection across different levels.

Key words: edgecloud collaboration, oil and gas production IoT, edgeside intrusion detection, cloudside intrusion detection, system simulation

摘要： 针对油气生产物联网面临的多方面入侵威胁，为满足入侵检测对于实时性和精确度的高要求，克服边端计算资源受限、边云数据异构等技术难题，提出一种基于边云协同的油气生产物联网入侵检测系统.采用边云协同的架构模式，边端和云端分别部署不同的入侵检测子系统，二者协同运行，实现全面防护.边端采用基于独立分类+联合分析的模型架构，对多种物理数据进行精准的异常检测，检测速度可达100ms级.云端使用基于特征提取+XGBoost的算法，并采用预训练+微调的方式获得兼具异常流量检测能力与低误报率的模型.仿真结果显示该系统具备较高的准确性和实时性，能够适应边、云设备的可用计算资源差异性，并且满足不同层次的入侵检测性能要求.

关键词: 边云协同, 油气生产物联网, 边端入侵检测, 云端入侵检测, 系统仿真

CLC Number:

TP391

钱永傲, 邓涛, 马赟, 周纯杰, 燕葵, 张卫平, . 基于边云协同的油气生产物联网入侵检测系统设计[J]. 信息安全研究, 2025, 11(9): 868-.

References

［1］李兵元, 赵春雪, 唐进, 等. 油气生产物联网技术在油气生产中的应用［J］. 中国管理信息化, 2020, 23(7): 182183［2］史艳霞. 油气生产物联网SCADA系统安全风险评估及防御框架研究［D］. 兰州: 兰州理工大学, 2019［3］刘银鹏. 油气生产物联网未来发展趋势研究［J］. 中国设备工程, 2022, 22(17): 256258［4］王相, 杨耀忠, 何岩峰, 等. 基于深度学习的油井工况智能诊断技术研究及应用［J］. 油气地质与采收率, 2022, 29(1): 181189［5］熊涛理. 基于深度信念网络的油井工况诊断方法研究［D］. 沈阳: 沈阳工业大学, 2023［6］王通, 熊涛理. 基于改进AdamDBN的油井工况诊断方法［J］. 沈阳工业大学学报, 2023, 45(3): 330335［7］叶彦斐, 侯翔一, 程立, 等. 基于电参数和示功图信息融合的油井工况诊断算法［J］. 工业控制计算机, 2023, 36(6): 1618［8］费力. 基于深度包检测的列车通信网络入侵检测系统的设计与实现［D］. 武汉: 华中科技大学, 2019［9］Zong Bo, Song Qi, Min M R, et al. Deep autoencoding gaussian mixture model for unsupervised anomaly detection［C］ Proc of the 6th Int Conf on Learning Representations. New York: Curran Associates, 2018: 30723090［10］张天月, 陈伟, 刘宇啸. 基于多尺度时空残差网络的入侵检测方法［J］. 信息安全研究, 2023, 9(11): 10451053［11］王伟. 基于深度学习的网络流量分类及异常检测方法研究［D］. 合肥: 中国科学技术大学, 2018［12］Moustafa N, Slay J. UNSWNB15: A comprehensive data set for network intrusion detection systems (UNSWNB15 network data set)［C］ Proc of 2015 Military Communications and Information Systems Conference (MilCIS 2015). Piscataway, NJ: IEEE, 2015: 16［13］贾志鹏, 李盼, 念彬, 等. 基于物联网的油井智能间抽控制系统［J］. 物联网技术, 2021, 11(7): 5961［14］曹庆年, 张杰, 孟开元. 基于示功图的抽油机智能间抽系统研究［J］.辽宁化工, 2021, 50(3): 340342, 345［15］Ngo V D, Vuong T C, Van Luong T, et al. Machine learningbased intrusion detection: Feature selection versus feature extraction［J］. Cluster Computing, 2023, 27(3): 23652379

[1]	. A Privacy Budget Allocation Method Based on Differential #br# Privacy kmeans++#br# [J]. Journal of Information Security Reserach, 2025, 11(8): 710-.
[2]	. Design and Implementation of 3D Model Matching Algorithm [J]. Journal of Information Security Reserach, 2025, 11(6): 539-.
[3]	. Malicious Behavior Detection Method Based on Behavior Clustering LSTMNN#br# [J]. Journal of Information Security Reserach, 2025, 11(4): 343-.
[4]	. Fake Face Detection Method Based on ConvNeXt [J]. Journal of Information Security Reserach, 2025, 11(3): 231-.
[5]	. Research on Multimodal Cyberbullying Detection Model for #br# Social Networking Platforms#br# [J]. Journal of Information Security Reserach, 2025, 11(2): 154-.
[6]	. Malware Identification Technology Based on Bitmap Representation and UAtt Classification Network [J]. Journal of Information Security Reserach, 2025, 11(1): 28-.
[7]	. [J]. Journal of Information Security Reserach, 2024, 10(E2): 134-.
[8]	. [J]. Journal of Information Security Reserach, 2024, 10(E2): 173-.
[9]	. A Blockchain Access Control Model for Grain Traceability Based on #br# Zerotrust Mechanism#br# [J]. Journal of Information Security Reserach, 2024, 10(10): 944-.
[10]	. A Differential Privacy Text Desensitization Method for Enhancing Semantic Consistency [J]. Journal of Information Security Reserach, 2024, 10(8): 706-.
[11]	. Behavior Conflict Detection Model Based on Transformer and Graph Convolution Networks [J]. Journal of Information Security Reserach, 2024, 10(8): 729-.
[12]	. Multilabel Classification Method of Open Source Threat Intelligence Text Based on BertTextCNN [J]. Journal of Information Security Reserach, 2024, 10(8): 760-.
[13]	. [J]. Journal of Information Security Reserach, 2024, 10(E1): 191-.
[14]	. [J]. Journal of Information Security Reserach, 2024, 10(E1): 97-.
[15]	. Prediction of Industrial Control System Vulnerability Exploitation Relationships Based on Knowledge Graphreasoning [J]. Journal of Information Security Reserach, 2024, 10(6): 498-.