Authors: Franka Schuster, F. Kopp, A. Paul, H. König
Venue: 2018 IEEE 16th International Conference on Industrial Informatics (INDIN), volume 94 1, pages 433-438
Publication date: 2018-07-01
Publication type: Journal Article
DOI: 10.1109/INDIN.2018.8472054 (https://doi.org/10.1109/INDIN.2018.8472054)
Citation count: 9 (Semanticscholar)
Attack and Fault Detection in Process Control Communication Using Unsupervised Machine Learning
In the course of industrial digitalization, the security of process control networks and especially critical infrastructures has become a major issue that requires novel methods to achieve a multi-level protection. An important feature of this protection is a protocol-specific monitoring within the process control networks that identifies faults and attacks which already have overcome the firewall protection. For a wide-spread application in various sites, this monitoring must be self-adaptive to the different traffic characteristics of the respective networks. Protocol knowledge combined with unsupervised machine learning algorithms can leverage this task. In this paper we present the latest results of applying two machine learning methods on real-world traffic datasets from two plant process control networks. The results for different mappings of the considered packet features are discussed in terms of f-score, precision, and recall. They demonstrate the high potential of using unsupervised learning for training anomaly detectors to identify intrusions in industrial networks.