An Ensemble Deep Learning-Based Cyber-Attack Detection in Industrial Control System

Cybersecurity in industrial control system environments has become a significant concern and is even more relevant in the context of critical infrastructures where control system disruption could have a profound impact on health, safety and the environment. This makes this type of system a major target for malicious activities. Notwithstanding an organization’s interest in protecting its industrial control systems against cyber-attacks, the implementation of security measures, whether technical, organizational or human, still faces resistance and is often seen as a constraint. Using the best technology to protect industrial control systems makes no sense if persons with access do not act attentively and protectively. Technical and human cybersecurity measures are intrinsically linked, and it is essential that all persons with access to these systems are fully aware of the inherent cyber risks. Organizations must also act so that staff receive appropriate training on how to keep systems continuously protected against cyber-attack when carrying out their daily tasks. These educational processes can contribute to building an effective cybersecurity culture fully reflective of management and staff attitudes, so that the availability, integrity and confidentiality of information in industrial control systems can be assured.

Download Full-text

Research of Classical Machine Learning Methods and Deep Learning Models Effectiveness in Detecting Anomalies of Industrial Control System

2018 Global Smart Industry Conference (GloSIC) ◽

10.1109/glosic.2018.8570073 ◽

2018 ◽

Cited By ~ 1

Author(s):

Alexander N. Sokolov ◽

Ilya A. Pyatnitsky ◽

Sergei K. Alabugin

Keyword(s):

Machine Learning ◽

Deep Learning ◽

Control System ◽

Industrial Control System ◽

Learning Models ◽

Industrial Control ◽

Learning Methods ◽

Machine Learning Methods

Download Full-text

Explaining the Attributes of a Deep Learning Based Intrusion Detection System for Industrial Control Networks

Sensors ◽

10.3390/s20143817 ◽

2020 ◽

Vol 20 (14) ◽

pp. 3817 ◽

Cited By ~ 1

Author(s):

Zhidong Wang ◽

Yingxu Lai ◽

Zenghui Liu ◽

Jing Liu

Keyword(s):

Deep Learning ◽

Control System ◽

Intrusion Detection ◽

Security System ◽

Classification Model ◽

Industrial Control System ◽

Industrial Control ◽

Data Set ◽

Network Intrusion ◽

Calculation Process

Intrusion detection is only the initial part of the security system for an industrial control system. Because of the criticality of the industrial control system, professionals still make the most important security decisions. Therefore, a simple intrusion alarm has a very limited role in the security system, and intrusion detection models based on deep learning struggle to provide more information because of the lack of explanation. This limits the application of deep learning methods to industrial control network intrusion detection. We analyzed the deep neural network (DNN) model and the interpretable classification model from the perspective of information, and clarified the correlation between the calculation process of the DNN model and the classification process. By comparing the normal samples with the abnormal samples, the abnormalities that occur during the calculation of the DNN model compared to the normal samples could be found. Based on this, a layer-wise relevance propagation method was designed to map the abnormalities in the calculation process to the abnormalities of attributes. At the same time, considering that the data set may already contain some useful information, we designed filtering rules for a kind of data set that can be obtained at a low cost, so that the calculation result is presented in a more accurate manner, which should help professionals lock and address intrusion threats more quickly.

Download Full-text