A standardized ICS network data processing flow with generative model in anomaly detection
Industrial control systems (ICS) now usually connect to Wireless Sensor Networks and the Internet, exposing them to security threats resulting from cyber-attacks. However, detecting such attacks is non-trivial task. The high-dimensional network data pose significant challenges on security anomaly de...
Saved in:
| Main Authors: | , , , , |
|---|---|
| Other Authors: | |
| Format: | Article |
| Language: | English |
| Published: |
2021
|
| Subjects: | |
| Online Access: | https://hdl.handle.net/10356/145800 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Nanyang Technological University |
| Language: | English |
| id |
sg-ntu-dr.10356-145800 |
|---|---|
| record_format |
dspace |
| spelling |
sg-ntu-dr.10356-1458002021-01-08T05:24:16Z A standardized ICS network data processing flow with generative model in anomaly detection Yang, Tao Hu, Yibo Li, Yang Hu, Wei Pan, Quan School of Computer Science and Engineering Engineering::Computer science and engineering Industrial Control Systems Network Security Imbalanced Data Industrial control systems (ICS) now usually connect to Wireless Sensor Networks and the Internet, exposing them to security threats resulting from cyber-attacks. However, detecting such attacks is non-trivial task. The high-dimensional network data pose significant challenges on security anomaly detection. In this work, we propose a network flow data processing method, which can make the complex network data more standardized and unified to assist security anomaly detection. Then, data generation method is applied to collect enough training data. We also propose a evaluation method for generated data. Finally, the bidirectional recurrent neural networks with attention mechanism is proposed to extract the latent feature, and give an explainable results in identifying the dominant attributes. Empirical results show our method outperforms the state-of-the-art models. Published version 2021-01-08T05:24:16Z 2021-01-08T05:24:16Z 2020 Journal Article Yang, T., Hu, Y., Li, Y., Hu, W., & Pan, Q. (2020). A standardized ICS network data processing flow with generative model in anomaly detection. IEEE Access, 8, 4255-4264. doi:10.1109/access.2019.2963144 2169-3536 https://hdl.handle.net/10356/145800 10.1109/ACCESS.2019.2963144 8 4255 4264 en IEEE Access © 2020 IEEE. This journal is 100% open access, which means that all content is freely available without charge to users or their institutions. All articles accepted after 12 June 2019 are published under a CC BY 4.0 license, and the author retains copyright. Users are allowed to read, download, copy, distribute, print, search, or link to the full texts of the articles, or use them for any other lawful purpose, as long as proper attribution is given. application/pdf |
| institution |
Nanyang Technological University |
| building |
NTU Library |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
NTU Library |
| collection |
DR-NTU |
| language |
English |
| topic |
Engineering::Computer science and engineering Industrial Control Systems Network Security Imbalanced Data |
| spellingShingle |
Engineering::Computer science and engineering Industrial Control Systems Network Security Imbalanced Data Yang, Tao Hu, Yibo Li, Yang Hu, Wei Pan, Quan A standardized ICS network data processing flow with generative model in anomaly detection |
| description |
Industrial control systems (ICS) now usually connect to Wireless Sensor Networks and the Internet, exposing them to security threats resulting from cyber-attacks. However, detecting such attacks is non-trivial task. The high-dimensional network data pose significant challenges on security anomaly detection. In this work, we propose a network flow data processing method, which can make the complex network data more standardized and unified to assist security anomaly detection. Then, data generation method is applied to collect enough training data. We also propose a evaluation method for generated data. Finally, the bidirectional recurrent neural networks with attention mechanism is proposed to extract the latent feature, and give an explainable results in identifying the dominant attributes. Empirical results show our method outperforms the state-of-the-art models. |
| author2 |
School of Computer Science and Engineering |
| author_facet |
School of Computer Science and Engineering Yang, Tao Hu, Yibo Li, Yang Hu, Wei Pan, Quan |
| format |
Article |
| author |
Yang, Tao Hu, Yibo Li, Yang Hu, Wei Pan, Quan |
| author_sort |
Yang, Tao |
| title |
A standardized ICS network data processing flow with generative model in anomaly detection |
| title_short |
A standardized ICS network data processing flow with generative model in anomaly detection |
| title_full |
A standardized ICS network data processing flow with generative model in anomaly detection |
| title_fullStr |
A standardized ICS network data processing flow with generative model in anomaly detection |
| title_full_unstemmed |
A standardized ICS network data processing flow with generative model in anomaly detection |
| title_sort |
standardized ics network data processing flow with generative model in anomaly detection |
| publishDate |
2021 |
| url |
https://hdl.handle.net/10356/145800 |
| _version_ |
1688654636338118656 |