A Machine Learning based Threat Intelligence Framework for Industrial Control System Network Traffic Indicators of Compromise

Title: A Machine Learning based Threat Intelligence Framework for Industrial Control System Network Traffic Indicators of Compromise
Publication Type: Conference Paper
Year of Publication: 2021
Authors: Atluri, Venkata; Horne, Jeff
Conference Name: SoutheastCon 2021
Keywords: control systems, critical infrastructure, Decision trees, ICs, indicators of compromise, industrial control, industrial control system, industrial control systems, integrated circuits, IOC, machine learning, network traffic, pubcrawl, Resiliency, Scalability, scalable systems, telecommunication traffic, threat intelligence
Abstract: Cyber-attacks on our Nation's Critical Infrastructure are growing. In this research, a Cyber Threat Intelligence (CTI) framework is proposed, developed, and tested. The results of the research, using 5 different simulated attacks on a dataset from an Industrial Control System (ICS) testbed, are presented with the extracted IOCs. The Bagging Decision Trees model showed the highest performance of testing accuracy (94.24%), precision (0.95), recall (0.93), and F1-score (0.94) among the 9 different machine learning models studied.
DOI: 10.1109/SoutheastCon45413.2021.9401809
Citation Key: atluri_machine_2021