CNN based method for the development of cyber-attacks detection algorithms in industrial control systems
Само за регистроване кориснике
2022
Чланак у часопису (Објављена верзија)
Метаподаци
Приказ свих података о документуАпстракт
Extensive communication between smart devices in contemporary Industrial Control Systems (ICS) opens up a vast area for different cyber-attacks and malicious threats. The negative effects of these attacks can not only disrupt or completely disable the system functioning, but also they can have serious safety related consequences. Therefore, cybersecurity in ICS becomes one of the most important issues. In this paper we propose a method for the design of algorithms for the detection of cyber-attacks on communication links between smart devices. The method belongs to the class of semi-supervised data driven approaches and it is based on Convolutional Neural Networks (CNN). Starting from a predefined range of network hyperparameters and data obtained from system operation without attacks, the proposed method autonomously selects suitable CNN architecture and thresholds for online intrusion detection. Following the characteristics of ICS, the proposed intrusion detection is host based, and... in our research we consider the structure of ICS and the feasibility of the attack detection algorithm implementation on control system devices. The method is experimentally verified using two case studies. In the first case study that refers to the publicly available dataset obtained from Secure Water Treatment (SWaT) testbed, we present a comparative analysis of the developed method with alternative approaches. The second case study considers a custom developed electro-pneumatic positioning system; in this system we carry out the real-world implementation and validation of the intrusion detection algorithm developed using the proposed method.
Кључне речи:
Industry 4.0 / Industrial internet-of-things / Industrial control systems / Cyber-attacks detection / Convolutional neural networksИзвор:
Computers & Security, 2022, 114Издавач:
- Elsevier Advanced Technology, Oxford
Финансирање / пројекти:
- MISSION4.0 - Deep Machine Learning and Swarm Intelligence-Based Optimization Algorithms for Control and Scheduling of Cyber-Physical Systems in Industry 4.0 (RS-ScienceFundRS-AI-6523109)
- Министарство науке, технолошког развоја и иновација Републике Србије, институционално финансирање - 200105 (Универзитет у Београду, Машински факултет) (RS-MESTD-inst-2020-200105)
DOI: 10.1016/j.cose.2021.102585
ISSN: 0167-4048
WoS: 000754417100011
Scopus: 2-s2.0-85121922460
Колекције
Институција/група
Mašinski fakultetTY - JOUR AU - Nedeljković, Dušan AU - Jakovljević, Živana PY - 2022 UR - https://machinery.mas.bg.ac.rs/handle/123456789/3705 AB - Extensive communication between smart devices in contemporary Industrial Control Systems (ICS) opens up a vast area for different cyber-attacks and malicious threats. The negative effects of these attacks can not only disrupt or completely disable the system functioning, but also they can have serious safety related consequences. Therefore, cybersecurity in ICS becomes one of the most important issues. In this paper we propose a method for the design of algorithms for the detection of cyber-attacks on communication links between smart devices. The method belongs to the class of semi-supervised data driven approaches and it is based on Convolutional Neural Networks (CNN). Starting from a predefined range of network hyperparameters and data obtained from system operation without attacks, the proposed method autonomously selects suitable CNN architecture and thresholds for online intrusion detection. Following the characteristics of ICS, the proposed intrusion detection is host based, and in our research we consider the structure of ICS and the feasibility of the attack detection algorithm implementation on control system devices. The method is experimentally verified using two case studies. In the first case study that refers to the publicly available dataset obtained from Secure Water Treatment (SWaT) testbed, we present a comparative analysis of the developed method with alternative approaches. The second case study considers a custom developed electro-pneumatic positioning system; in this system we carry out the real-world implementation and validation of the intrusion detection algorithm developed using the proposed method. PB - Elsevier Advanced Technology, Oxford T2 - Computers & Security T1 - CNN based method for the development of cyber-attacks detection algorithms in industrial control systems VL - 114 DO - 10.1016/j.cose.2021.102585 ER -
@article{ author = "Nedeljković, Dušan and Jakovljević, Živana", year = "2022", abstract = "Extensive communication between smart devices in contemporary Industrial Control Systems (ICS) opens up a vast area for different cyber-attacks and malicious threats. The negative effects of these attacks can not only disrupt or completely disable the system functioning, but also they can have serious safety related consequences. Therefore, cybersecurity in ICS becomes one of the most important issues. In this paper we propose a method for the design of algorithms for the detection of cyber-attacks on communication links between smart devices. The method belongs to the class of semi-supervised data driven approaches and it is based on Convolutional Neural Networks (CNN). Starting from a predefined range of network hyperparameters and data obtained from system operation without attacks, the proposed method autonomously selects suitable CNN architecture and thresholds for online intrusion detection. Following the characteristics of ICS, the proposed intrusion detection is host based, and in our research we consider the structure of ICS and the feasibility of the attack detection algorithm implementation on control system devices. The method is experimentally verified using two case studies. In the first case study that refers to the publicly available dataset obtained from Secure Water Treatment (SWaT) testbed, we present a comparative analysis of the developed method with alternative approaches. The second case study considers a custom developed electro-pneumatic positioning system; in this system we carry out the real-world implementation and validation of the intrusion detection algorithm developed using the proposed method.", publisher = "Elsevier Advanced Technology, Oxford", journal = "Computers & Security", title = "CNN based method for the development of cyber-attacks detection algorithms in industrial control systems", volume = "114", doi = "10.1016/j.cose.2021.102585" }
Nedeljković, D.,& Jakovljević, Ž.. (2022). CNN based method for the development of cyber-attacks detection algorithms in industrial control systems. in Computers & Security Elsevier Advanced Technology, Oxford., 114. https://doi.org/10.1016/j.cose.2021.102585
Nedeljković D, Jakovljević Ž. CNN based method for the development of cyber-attacks detection algorithms in industrial control systems. in Computers & Security. 2022;114. doi:10.1016/j.cose.2021.102585 .
Nedeljković, Dušan, Jakovljević, Živana, "CNN based method for the development of cyber-attacks detection algorithms in industrial control systems" in Computers & Security, 114 (2022), https://doi.org/10.1016/j.cose.2021.102585 . .