Detecting cyberattacks in industrial control systems using online learning algorithms

Industrial control systems are critical to the operation of industrial facilities, especially for critical infrastructures, such as refineries, power grids, and transportation systems. Similar to other information systems, a significant threat to industrial control systems is the attack from cybersp...

Bibliographic Details
Main Authors: LI, Guangxia, SHEN, Yulong, ZHAO, Peilin, LU, Xiao, LIU, Jia, LIU, Yangyang, HOI, Steven C. H.
Format: text
Language: English
Published: Institutional Knowledge at Singapore Management University 2019
Subjects:
Online Access: https://ink.library.smu.edu.sg/sis_research/5132
https://ink.library.smu.edu.sg/context/sis_research/article/6135/viewcontent/Cyberattacks_ICS_algorithms_2019_av.pdf
Institution: Singapore Management University
id sg-smu-ink.sis_research-6135
record_format dspace
spelling sg-smu-ink.sis_research-6135 2020-05-28T07:04:33Z Detecting cyberattacks in industrial control systems using online learning algorithms LI, Guangxia SHEN, Yulong ZHAO, Peilin LU, Xiao LIU, Jia LIU, Yangyang HOI, Steven C. H. Industrial control systems are critical to the operation of industrial facilities, especially for critical infrastructures, such as refineries, power grids, and transportation systems. Similar to other information systems, a significant threat to industrial control systems is the attack from cyberspace - the offensive maneuvers launched by "anonymous" in the digital world that target computer-based assets with the goal of compromising a system's functions or probing for information. Owing to the importance of industrial control systems, and the possibly devastating consequences of being attacked, significant endeavors have been attempted to secure industrial control systems from cyberattacks. Among them are intrusion detection systems that serve as the first line of defense by monitoring and reporting potentially malicious activities. Classical machine-learning-based intrusion detection methods usually generate prediction models by learning modest-sized training samples all at once. Such an approach is not always applicable to industrial control systems, as industrial control systems must process continuous control commands with limited computational resources in a nonstop way. To satisfy such requirements, we propose using online learning to learn prediction models from the controlling data stream. We introduce several state-of-the-art online learning algorithms categorically, and illustrate their efficacies on two typically used testbeds - power system and gas pipeline. Further, we explore a new cost-sensitive online learning algorithm to solve the class-imbalance problem that is pervasive in industrial intrusion detection systems. Our experimental results indicate that the proposed algorithm can achieve an overall improvement in the detection rate of cyberattacks in industrial control systems. 2019-10-01T07:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/5132 info:doi/10.1016/j.neucom.2019.07.031 https://ink.library.smu.edu.sg/context/sis_research/article/6135/viewcontent/Cyberattacks_ICS_algorithms_2019_av.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University Online learning Cost-sensitive learning Cybersecurity Industrial control systems Intrusion detection Databases and Information Systems Theory and Algorithms
institution Singapore Management University
building SMU Libraries
continent Asia
country Singapore
Singapore
content_provider SMU Libraries
collection InK@SMU
language English
topic Online learning
Cost-sensitive learning
Cybersecurity
Industrial control systems
Intrusion detection
Databases and Information Systems
Theory and Algorithms
description Industrial control systems are critical to the operation of industrial facilities, especially for critical infrastructures, such as refineries, power grids, and transportation systems. Similar to other information systems, a significant threat to industrial control systems is the attack from cyberspace - the offensive maneuvers launched by "anonymous" in the digital world that target computer-based assets with the goal of compromising a system's functions or probing for information. Owing to the importance of industrial control systems, and the possibly devastating consequences of being attacked, significant endeavors have been attempted to secure industrial control systems from cyberattacks. Among them are intrusion detection systems that serve as the first line of defense by monitoring and reporting potentially malicious activities. Classical machine-learning-based intrusion detection methods usually generate prediction models by learning modest-sized training samples all at once. Such an approach is not always applicable to industrial control systems, as industrial control systems must process continuous control commands with limited computational resources in a nonstop way. To satisfy such requirements, we propose using online learning to learn prediction models from the controlling data stream. We introduce several state-of-the-art online learning algorithms categorically, and illustrate their efficacies on two typically used testbeds - power system and gas pipeline. Further, we explore a new cost-sensitive online learning algorithm to solve the class-imbalance problem that is pervasive in industrial intrusion detection systems. Our experimental results indicate that the proposed algorithm can achieve an overall improvement in the detection rate of cyberattacks in industrial control systems.
format text
author LI, Guangxia
SHEN, Yulong
ZHAO, Peilin
LU, Xiao
LIU, Jia
LIU, Yangyang
HOI, Steven C. H.
author_sort LI, Guangxia
title Detecting cyberattacks in industrial control systems using online learning algorithms
publisher Institutional Knowledge at Singapore Management University
publishDate 2019
url https://ink.library.smu.edu.sg/sis_research/5132
https://ink.library.smu.edu.sg/context/sis_research/article/6135/viewcontent/Cyberattacks_ICS_algorithms_2019_av.pdf
_version_ 1770575253812019200