ICS cyber attack detection with ensemble machine learning and DPI using cyber-Kit datasets

Digitization has pioneered to drive exceptional changes across all industries in the advancement of analytics, automation, and Artificial Intelligence (AI) and Machine Learning (ML). However, new business requirements associated with the efficiency benefits of digital...

Bibliographic Details
Main Authors: Mubarak, Sinil, Habaebi, Mohamed Hadi, Islam, Md. Rafiqul, Khan, Sheroz
Format: Conference or Workshop Item
Language: English
Published: IEEE 2021
Online Access: http://irep.iium.edu.my/90597/7/90597_ICS%20Cyber%20Attack%20Detection%20with%20Ensemble%20Machine_schedule.pdf
http://irep.iium.edu.my/90597/13/90597_ICS%20Cyber%20Attack%20Detection%20with%20Ensemble%20Machine%20Learning%20and%20DPI%20using%20Cyber-kit%20Datasets_Scopus.pdf
http://irep.iium.edu.my/90597/14/90597_ICS%20Cyber%20Attack%20Detection%20with%20Ensemble%20Machine%20Learning.pdf
http://irep.iium.edu.my/90597/
https://ieeexplore-ieee-org.ezlib.iium.edu.my/document/9467162
Institution: Universiti Islam Antarabangsa Malaysia
id my.iium.irep.90597
record_format dspace
Mubarak, Sinil and Habaebi, Mohamed Hadi and Islam, Md. Rafiqul and Khan, Sheroz (2021) ICS cyber attack detection with ensemble machine learning and DPI using cyber-Kit datasets. In: 2021 8th International Conference on Computer Communication Engineering (ICCCE), 22-23 June 2021, Kuala Lumpur, Malaysia. Peer reviewed. https://ieeexplore-ieee-org.ezlib.iium.edu.my/document/9467162 DOI: 10.1109/ICCCE50029.2021.9467162
building IIUM Library
collection Institutional Repository
continent Asia
country Malaysia
content_provider International Islamic University Malaysia
content_source IIUM Repository (IREP)
url_provider http://irep.iium.edu.my/
topic TK Electrical engineering. Electronics Nuclear engineering
description Digitization has pioneered to drive exceptional changes across all industries in the advancement of analytics, automation, and Artificial Intelligence (AI) and Machine Learning (ML). However, new business requirements associated with the efficiency benefits of digitalization are forcing increased connectivity between IT and OT networks, thereby increasing the attack surface and hence the cyber risk. Cyber threats are on the rise and securing industrial networks is challenging with the shortage of human resources in the OT field, with more inclination to IT/OT convergence and the attackers deploy various hi-tech methods to intrude the control systems nowadays. We have developed an innovative real-time ICS cyber test kit to obtain the OT industrial network traffic data with various industrial attack vectors. In this paper, we have introduced the industrial datasets generated from the ICS test kit, which incorporate the cyber-physical system of industrial operations. These datasets with a normal baseline along with different industrial hacking scenarios are analyzed for research purposes. Metadata is obtained from deep packet inspection (DPI) of flow properties of network packets. DPI analysis provides more visibility into the contents of OT traffic based on communication protocols. The advancement in technology has led to the utilization of machine learning/artificial intelligence capability in IDS ICS SCADA. The industrial datasets are pre-processed, profiled and the abnormality is analyzed with DPI. The processed metadata is normalized for the easiness of algorithm analysis and modelled with machine learning-based latest deep learning ensemble LSTM algorithms for anomaly detection. The deep learning approach has been used nowadays for enhanced OT IDS performances.