Assessment of Cyber-Physical Intrusion Detection and Classification for Industrial Control Systems

Research output: Chapter in Book/Report/Conference proceedingArticle in proceedingsResearchpeer-review

Abstract

The increasing interaction of industrial control systems (ICSs) with public networks and digital devices introduces new cyber threats to power systems and other critical infrastructure. Recent cyber-physical attacks such as Stuxnet and Irongate revealed unexpected ICS vulnerabilities and a need for improved security measures. Intrusion detection systems constitute a key security technology, which typically monitors cyber network data for detecting malicious activities. However, a central characteristic of modern ICSs is the increasing interdependency of physical and cyber network processes. Thus, the integration of network and physical process data is seen as a promising approach to improve predictability in real-time intrusion detection for ICSs by accounting for physical constraints and underlying process patterns. This work systematically assesses machine learning-based cyber-physical intrusion detection and multi-class classification through a comparison to its purely network data-based counterpart and evaluation of misclassifications and detection delay. Multiple supervised detection and classification pipelines are applied on a recent cyber-physical dataset, which describes various cyber attacks and physical faults on a generic ICS. A key finding is that the integration of physical process data improves detection and classification of all considered attack types. In addition, it enables simultaneous processing of attacks and faults, paving the way for holistic cross-domain root cause identification.
Original languageEnglish
Title of host publicationProceedings of 2022 IEEE International Conference on Communications, Control, and Computing Technologies for Smart Grids (SmartGridComm)
Number of pages7
PublisherIEEE
Publication date2022
Pages432-438
ISBN (Electronic)978-1-6654-3254-2
DOIs
Publication statusPublished - 2022
Event2022 IEEE International Conference on Communications, Control, and Computing Technologies for Smart Grids - Singapore, Singapore
Duration: 25 Oct 202228 Oct 2022

Conference

Conference2022 IEEE International Conference on Communications, Control, and Computing Technologies for Smart Grids
Country/TerritorySingapore
CitySingapore
Period25/10/202228/10/2022

Keywords

  • Cyber-physical
  • Industrial control systems
  • Intrusion detection
  • Machine learning
  • Power systems

Fingerprint

Dive into the research topics of 'Assessment of Cyber-Physical Intrusion Detection and Classification for Industrial Control Systems'. Together they form a unique fingerprint.

Cite this