{"title":"Graph neural network‐based attack prediction for communication‐based train control systems","authors":"Junyi Zhao, Tao Tang, Bing Bu, Qichang Li","doi":"10.1049/cit2.12288","DOIUrl":null,"url":null,"abstract":"The Advanced Persistent Threats (APTs) have emerged as one of the key security challenges to industrial control systems. APTs are complex multi‐step attacks, and they are naturally diverse and complex. Therefore, it is important to comprehend the behaviour of APT attackers and anticipate the upcoming attack actions. GNN‐AP is proposed, a framework utilising an alert log to predict potential attack targets. Firstly, GNN‐AP uses causality to eliminate confounding elements from the alert dataset and then uses an encoder‐decoder model to reconstruct an attack scenario graph. Based on the chronological characteristics of APT attacks, GNN‐AP identifies APT attack sequences from attack scenario graphs and integrates these attack sequences with communication‐based train control (CBTC) devices topology information to construct an Attack‐Target Graph. Based on the attack‐target graph, a graph neural network approach is used to identify the attack intent and transforms the attack prediction problem into a link prediction problem that predicts the connected edges of the attack and target nodes. The simulation results obtained using DARPA data show that the proposed method can improve the comparison methods by 4% of accuracy in terms of prediction. 
Furthermore, the method was applied to the CBTC system dataset with a prediction accuracy of 88%, demonstrating the efficacy of the proposed method for industrial control systems.","PeriodicalId":8,"journal":{"name":"ACS Biomaterials Science & Engineering","volume":"56 3","pages":""},"PeriodicalIF":5.5000,"publicationDate":"2024-02-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"ACS Biomaterials Science & Engineering","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1049/cit2.12288","RegionNum":2,"RegionCategory":"医学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"MATERIALS SCIENCE, BIOMATERIALS","Score":null,"Total":0}
Citations: 0
Abstract
Advanced Persistent Threats (APTs) have emerged as one of the key security challenges to industrial control systems. APTs are multi‐step attacks that are naturally diverse and complex. It is therefore important to comprehend the behaviour of APT attackers and anticipate their upcoming attack actions. GNN‐AP, a framework that uses an alert log to predict potential attack targets, is proposed. First, GNN‐AP uses causality to eliminate confounding elements from the alert dataset and then uses an encoder‐decoder model to reconstruct an attack scenario graph. Based on the chronological characteristics of APT attacks, GNN‐AP identifies APT attack sequences from the attack scenario graphs and integrates these sequences with the device topology information of the communication‐based train control (CBTC) system to construct an Attack‐Target Graph. On the attack‐target graph, a graph neural network approach is used to identify the attack intent, transforming the attack prediction problem into a link prediction problem that predicts the edges connecting attack and target nodes. Simulation results obtained using DARPA data show that the proposed method improves prediction accuracy by 4% over the comparison methods. Furthermore, the method was applied to the CBTC system dataset with a prediction accuracy of 88%, demonstrating the efficacy of the proposed method for industrial control systems.
About the journal:
ACS Biomaterials Science & Engineering is the leading journal in the field of biomaterials, serving as an international forum for publishing cutting-edge research and innovative ideas on a broad range of topics:
Applications and Health – implantable tissues and devices, prosthesis, health risks, toxicology
Bio-interactions and Bio-compatibility – material-biology interactions, chemical/morphological/structural communication, mechanobiology, signaling and biological responses, immuno-engineering, calcification, coatings, corrosion and degradation of biomaterials and devices, biophysical regulation of cell functions
Characterization, Synthesis, and Modification – new biomaterials, bioinspired and biomimetic approaches to biomaterials, exploiting structural hierarchy and architectural control, combinatorial strategies for biomaterials discovery, genetic biomaterials design, synthetic biology, new composite systems, bionics, polymer synthesis
Controlled Release and Delivery Systems – biomaterial-based drug and gene delivery, bio-responsive delivery of regulatory molecules, pharmaceutical engineering
Healthcare Advances – clinical translation, regulatory issues, patient safety, emerging trends
Imaging and Diagnostics – imaging agents and probes, theranostics, biosensors, monitoring
Manufacturing and Technology – 3D printing, inks, organ-on-a-chip, bioreactor/perfusion systems, microdevices, BioMEMS, optics and electronics interfaces with biomaterials, systems integration
Modeling and Informatics Tools – scaling methods to guide biomaterial design, predictive algorithms for structure-function, biomechanics, integrating bioinformatics with biomaterials discovery, metabolomics in the context of biomaterials
Tissue Engineering and Regenerative Medicine – basic and applied studies, cell therapies, scaffolds, vascularization, bioartificial organs, transplantation and functionality, cellular agriculture