Affiliation:
1. Raghu Institute of Technology, Visakhapatnam, India
Abstract
Cyber-physical systems (CPS) enabled by the Internet of Things (IoT) can be difficult to protect because security measures designed for general information/operational technology (IT/OT) systems may not be as effective in a CPS setting. This article therefore presents a two-level ensemble attack detection and attribution framework specific to industrial control systems (ICS). At the first level, a decision tree and a novel ensemble deep representation-learning model are used to detect attacks in imbalanced ICS environments. At the second level, an ensemble deep neural network is designed to facilitate attack attribution. The proposed model is evaluated on gas pipeline and water treatment system data sets. The results show that the proposed model performs better than other competing methods while having a similar computational complexity.