Identification of ICS Security Risks toward the Analysis of Packet Interaction Characteristics Using State Sequence Matching Based on SF-FSM

2017, Vol 2017, pp. 1-17
Author(s): Jianxin Xu, Dongqin Feng

This paper discusses two aspects of major risks related to the cyber security of an industrial control system (ICS), including the exploitation of the vulnerabilities of legitimate communication parties and the features abused by unauthorized parties. We propose a novel framework for exposing the above two types of risks. A state fusion finite state machine (SF-FSM) model is defined to describe multiple request-response packet pair sequence signatures of various applications using the same protocol. An inverted index of keywords in an industrial protocol is also proposed to accomplish fast state sequence matching. Then we put forward the concept of scenario reconstruction, using state sequence matching based on SF-FSM, to present the known vulnerabilities corresponding to applications of a specific type and version by identifying the packet interaction characteristics from the data flow in the supervisory control layer network. We also implement an anomaly detection approach to identifying illegal access using state sequence matching based on SF-FSM. An anomaly is asserted if none of the state sequence signatures in the SF-FSM is matched with a packet flow. Ultimately, an example based on industrial protocols is demonstrated by a prototype system to validate the methods of scenario reconstruction and anomaly detection.

IEEE Access, 2021, Vol 9, pp. 16239-16253
Author(s): Mohammad Noorizadeh, Mohammad Shakerpour, Nader Meskin, Devrim Unal, Khashayar Khorasani

Author(s): José A. Perusquía, Jim E. Griffin, Cristiano Villa

2021, Vol 13 (4), pp. 721
Author(s): Zhongheng Li, Fang He, Haojie Hu, Fei Wang, Weizhong Yu

Collaborative representation-based detector (CRD), as the most representative anomaly detection method, has been widely applied in the field of hyperspectral anomaly detection (HAD). However, the sliding dual window of the original CRD introduces high computational complexity. Moreover, most HAD models only consider a single spectral or spatial feature of the hyperspectral image (HSI), which is unhelpful for improving detection accuracy. To solve these problems, in terms of speed and accuracy, we propose a novel anomaly detection approach, named Random Collective Representation-based Detector with Multiple Feature (RCRDMF). This method includes the following steps. The method first extracts different features from the HSI, including the spectral feature, Gabor feature, extended multiattribute profile (EMAP) feature, and extended morphological profile (EMP) feature matrix, which enables us to improve the accuracy of HAD by combining the multiple spectral and spatial features. The ensemble and random collaborative representation detector (ERCRD) method is then applied, which can improve the anomaly detection speed. Finally, an adaptive weight approach is proposed to calculate the weight for each feature. Experimental results on six hyperspectral datasets demonstrate that the proposed approach is superior in accuracy and speed.


2021, Vol 132, pp. 103509
Author(s): Truong Thu Huong, Ta Phuong Bac, Dao Minh Long, Tran Duc Luong, Nguyen Minh Dan, ...
