Industrial datasets with ICS testbed and attack detection using machine learning techniques

Industrial control systems (ICS) are the backbone for the implementation of cybersecurity solutions. They are susceptible to various attacks, due to openness in connectivity, unauthorized attempts, malicious attacks, use of more commercial off the shelf (COTS) software and hardware, and implementati...

Bibliographic Details
Main Authors: Mubarak, Sinil, Habaebi, Mohamed Hadi, Islam, Md. Rafiqul, Balla, Asaad, Tahir, Mohammad, Elsheikh, Elfatih A. A., Suliman, F. M.
Format: Article
Language: English
Published: Tech Science Press 2021
Subjects:
Online Access: http://irep.iium.edu.my/92973/3/92973_Industrial%20datasets%20with%20ICS.pdf
http://irep.iium.edu.my/92973/5/92973_%20Industrial%20datasets%20with%20ICS%20testbed_Scopus.pdf
http://irep.iium.edu.my/92973/
https://www.techscience.com/iasc/v31n3/44856
id my.iium.irep.92973
record_format dspace
spelling my.iium.irep.92973 2021-11-18T01:37:21Z Tech Science Press 2021-10-09 Article PeerReviewed
Mubarak, Sinil and Habaebi, Mohamed Hadi and Islam, Md. Rafiqul and Balla, Asaad and Tahir, Mohammad and Elsheikh, Elfatih A. A. and Suliman, F. M. (2021) Industrial datasets with ICS testbed and attack detection using machine learning techniques. Intelligent Automation & Soft Computing, 31 (3). pp. 1345-1360. ISSN 1079-8587 E-ISSN 2326-005X https://www.techscience.com/iasc/v31n3/44856 10.32604/iasc.2022.020801
institution Universiti Islam Antarabangsa Malaysia
building IIUM Library
collection Institutional Repository
continent Asia
country Malaysia
content_provider International Islamic University Malaysia
content_source IIUM Repository (IREP)
url_provider http://irep.iium.edu.my/
language English
topic TK Electrical engineering. Electronics Nuclear engineering
TK7800 Electronics. Computer engineering. Computer hardware. Photoelectronic devices
description Industrial control systems (ICS) are the backbone for the implementation of cybersecurity solutions. They are susceptible to various attacks, due to openness in connectivity, unauthorized attempts, malicious attacks, use of more commercial off the shelf (COTS) software and hardware, and implementation of Internet protocols (IP) that exposes them to the outside world. Cybersecurity solutions for Information technology (IT) secured with firewalls, intrusion detection/protection systems do nothing much for Operational technology (OT) ICS. An innovative concept of using a real operational technology network traffic-based testbed, for cyber-physical system simulation and analysis, is presented. The testbed is equipped with real-time attacks using an in-house penetration test tool with reconnaissance, interception, and firmware analysis scenarios. The test cases with different real-time hacking scenarios are implemented with the ICS cyber test kit, and its industrial datasets are captured, which can be utilized for Deep packet inspection (DPI). The DPI provides more visibility into the contents of OT network traffic based on OT protocols. The Machine learning (ML) techniques are deployed for cyber-attack detection of datasets from the cyber kit. The performance metrics such as accuracy, precision, recall, and F1 score are evaluated and cross validated for different ML algorithms for anomaly detection. The decision tree (DT) ML technique is optimized with a pruning method which provides an attack detection accuracy of 96.5%. The deep learning (DL) techniques have been used recently for enhanced OT intrusion detection performances.
format Article
author Mubarak, Sinil
Habaebi, Mohamed Hadi
Islam, Md. Rafiqul
Balla, Asaad
Tahir, Mohammad
Elsheikh, Elfatih A. A.
Suliman, F. M.
author_sort Mubarak, Sinil
title Industrial datasets with ICS testbed and attack detection using machine learning techniques
publisher Tech Science Press
publishDate 2021