DEVELOPMENT OF MACHINE LEARNING SUBSYSTEM FOR INTRUSION DETECTION SYSTEM IN CYBER- PHYSICAL SYSTEM

DEVELOPMENT OF MACHINE LEARNING SUBSYSTEM FOR INTRUSION DETECTION SYSTEM IN CYBER- PHYSICAL SYSTEM

Cyber-Physical Systems (CPS) are increasingly being used in critical fields such as healthcare, urban areas, and industry. The development of CPS has led to an increase in cyber-attacks. Attacks on CPS can have significant economic and societal impacts, as seen in the case of Stuxnet, which cause...

Full description

Saved in:
Bibliographic Details
Main Author: Savero Diaz Pranoto, Fabian
Format: Final Project
Language:Indonesia
Online Access:https://digilib.itb.ac.id/gdl/view/74136
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Institut Teknologi Bandung
Language: Indonesia
Description
Summary:Cyber-Physical Systems (CPS) are increasingly being used in critical fields such as healthcare, urban areas, and industry. The development of CPS has led to an increase in cyber-attacks. Attacks on CPS can have significant economic and societal impacts, as seen in the case of Stuxnet, which caused major damage to Iran's nuclear program. Therefore, an integrated system is needed to monitor, detect, and respond to attacks on CPS. Intrusion Detection Systems (IDS) are typically developed to detect attacks to prevent CPS. Several studies have utilized machine learning models in IDS to detect attacks. Among these studies, deep learning models such as 1D-CNN, autoencoders, and LSTM have shown good performance in attack detection. At the Bandung Institute of Technology, there is a CPS called the Process Instrumentation Trainer, which serves as a testbed. In this CPS, an IDS is developed to simulate the protection of CPS from attacks. This report covers the detection and model training aspects of the IDS. Detection is performed using a machine learning model trained on patterns of the system under normal conditions. To determine the best-performing model, a comparison is made between 1D-CNN, autoencoders, LSTM, and PCA. Using the 1D-CNN model, the developed solution can detect 29 out of 35 attacks in the SWaT dataset and all 5 tested attacks on the CPS. However, the model's resilience against adversarial attacks is still unknown.

Similar Items