Visible to the public Biblio

Found 136 results

Filters: Keyword is industrial control systems  [Clear All Filters]
2023-08-24
Chen, Xuehong, Wang, Zi, Yang, Shuaifeng.  2022.  Research on Information Security Protection of Industrial Internet Oriented CNC System. 2022 IEEE 6th Information Technology and Mechatronics Engineering Conference (ITOEC). 6:1818–1822.
Machine tool is known as the mother of industry. CNC machine tool is the embodiment of modern automatic control productivity. In the context of the rapid development of the industrial Internet, a large number of equipment and systems are interconnected through the industrial Internet, realizing the flexible adaptation from the supply side to the demand side. As the a typical core system of industrial Internet, CNC system is facing the threat of industrial virus and network attack. The problem of information security is becoming more and more prominent. This paper analyzes the security risks of the existing CNC system from the aspects of terminal security, data security and network security. By comprehensively using the technologies of data encryption, identity authentication, digital signature, access control, secure communication and key management, this paper puts forward a targeted security protection and management scheme, which effectively strengthens the overall security protection ability.
ISSN: 2693-289X
Bhosale, Pushparaj, Kastner, Wolfgang, Sauter, Thilo.  2022.  Automating Safety and Security Risk Assessment in Industrial Control Systems: Challenges and Constraints. 2022 IEEE 27th International Conference on Emerging Technologies and Factory Automation (ETFA). :1–4.
Currently, risk assessment of industrial control systems is static and performed manually. With the increased convergence of operational technology and information technology, risk assessment has to incorporate a combined safety and security analysis along with their interdependency. This paper investigates the data inputs required for safety and security assessments, also if the collection and utilisation of such data can be automated. A particular focus is put on integrated assessment methods which have the potential for automation. In case the overall process to identify potential hazards and threats and analyze what could happen if they occur can be automated, manual efforts and cost of operation can be reduced, thus also increasing the overall performance of risk assessment.
Cao, Yaofu, Li, Tianquan, Li, Xiaomeng, Zhao, Jincheng, Liu, Junwen, Yan, Junlu.  2022.  Research on network security behavior audit method of power industrial control system operation support cloud platform based on FP-Growth association rule algorithm. 2022 International Conference on Artificial Intelligence, Information Processing and Cloud Computing (AIIPCC). :409–412.
With the introduction of the national “carbon peaking and carbon neutrality” strategic goals and the accelerated construction of the new generation of power systems, cloud applications built on advanced IT technologies play an increasingly important role in meeting the needs of digital power business. In view of the characteristics of the current power industrial control system operation support cloud platform with wide coverage, large amount of log data, and low analysis intelligence, this paper proposes a cloud platform network security behavior audit method based on FP-Growth association rule algorithm, aiming at the uniqueness of the operating data of the cloud platform that directly interacts with the isolated system environment of power industrial control system. By using the association rule algorithm to associate and classify user behaviors, our scheme formulates abnormal behavior judgment standards, establishes an automated audit strategy knowledge base, and improves the security audit efficiency of power industrial control system operation support cloud platform. The intelligent level of log data analysis enables effective discovery, traceability and management of internal personnel operational risks.
Zhang, Yuqiang, Hao, Zhiqiang, Hu, Ning, Luo, Jiawei, Wang, Chonghua.  2022.  A virtualization-based security architecture for industrial control systems. 2022 7th IEEE International Conference on Data Science in Cyberspace (DSC). :94–101.
The Industrial Internet expands the attack surface of industrial control systems(ICS), bringing cybersecurity threats to industrial controllers located in operation technology(OT) networks. Honeypot technology is an important means to detect network attacks. However, the existing honeypot system cannot simulate business logic and is difficult to resist highly concealed APT attacks. This paper proposes a high-simulation ICS security defense framework based on virtualization technology. The framework utilizes virtualization technology to build twins for protected control systems. The architecture can infer the execution results of control instructions in advance based on actual production data, so as to discover hidden attack behaviors in time. This paper designs and implements a prototype system and demonstrates the effectiveness and potential of this architecture for ICS security.
Zhang, Ge, Zhang, Zheyu, Sun, Jun, Wang, Zun, Wang, Rui, Wang, Shirui, Xie, Chengyun.  2022.  10 Gigabit industrial thermal data acquisition and storage solution based on software-defined network. 2022 7th IEEE International Conference on Data Science in Cyberspace (DSC). :616–619.
With the wide application of Internet technology in the industrial control field, industrial control networks are getting larger and larger, and the industrial data generated by industrial control systems are increasing dramatically, and the performance requirements of the acquisition and storage systems are getting higher and higher. The collection and analysis of industrial equipment work logs and industrial timing data can realize comprehensive management and continuous monitoring of industrial control system work status, as well as intrusion detection and energy efficiency analysis in terms of traffic and data. In the face of increasingly large realtime industrial data, existing log collection systems and timing data gateways, such as packet loss and other phenomena [1], can not be more complete preservation of industrial control network thermal data. The emergence of software-defined networking provides a new solution to realize massive thermal data collection in industrial control networks. This paper proposes a 10-gigabit industrial thermal data acquisition and storage scheme based on software-defined networking, which uses software-defined networking technology to solve the problem of insufficient performance of existing gateways.
Zhang, Deng, Zhao, Jiang, Ding, Dingding, Gao, Hanjun.  2022.  Networked Control System Information Security Platform. 2022 IEEE Asia-Pacific Conference on Image Processing, Electronics and Computers (IPEC). :738–742.
With the development of industrial informatization, information security in the power production industry is becoming more and more important. In the power production industry, as the critical information egress of the industrial control system, the information security of the Networked Control System is particularly important. This paper proposes a construction method for an information security platform of Networked Control System, which is used for research, testing and training of Networked Control System information security.
Trifonov, Roumen, Manolov, Slavcho, Tsochev, Georgi, Pavlova, Galya, Raynova, Kamelia.  2022.  Analytical Choice of an Effective Cyber Security Structure with Artificial Intelligence in Industrial Control Systems. 2022 10th International Scientific Conference on Computer Science (COMSCI). :1–6.
The new paradigm of industrial development, called Industry 4.0, faces the problems of Cybersecurity, and as it has already manifested itself in Information Systems, focuses on the use of Artificial Intelligence tools. The authors of this article build on their experience with the use of the above mentioned tools to increase the resilience of Information Systems against Cyber threats, approached to the choice of an effective structure of Cyber-protection of Industrial Systems, primarily analyzing the objective differences between them and Information Systems. A number of analyzes show increased resilience of the decentralized architecture in the management of large-scale industrial processes to the centralized management architecture. These considerations provide sufficient grounds for the team of the project to give preference to the decentralized structure with flock behavior for further research and experiments. The challenges are to determine the indicators which serve to assess and compare the impacts on the controlled elements.
Gong, Xiao, Li, Mengwei, Zhao, Zhengbin, Cui, Dengqi.  2022.  Research on industrial Robot system security based on Industrial Internet Platform. 2022 7th IEEE International Conference on Data Science in Cyberspace (DSC). :214–218.
The industrial Internet platform has been applied to various fields of industrial production, effectively improving the data flow of all elements in the production process, improving production efficiency, reducing production costs, and ensuring the market competitiveness of enterprises. The premise of the effective application of the industrial Internet platform is the interconnection of industrial equipment. In the industrial Internet platform, industrial robot is a very common industrial control device. These industrial robots are connected to the control network of the industrial Internet platform, which will have obvious advantages in production efficiency and equipment maintenance, but at the same time will cause more serious network security problems. The industrial robot system based on the industrial Internet platform not only increases the possibility of industrial robots being attacked, but also aggravates the loss and harm caused by industrial robots being attacked. At the same time, this paper illustrates the effects and scenarios of industrial robot attacks based on industrial interconnection platforms from four different scenarios of industrial robots being attacked. Availability and integrity are related to the security of the environment.
Sun, Jun, Li, Yang, Zhang, Ge, Dong, Liangyu, Yang, Zitao, Wang, Mufeng, Cai, Jiahe.  2022.  Data traceability scheme of industrial control system based on digital watermark. 2022 7th IEEE International Conference on Data Science in Cyberspace (DSC). :322–325.
The fourth industrial revolution has led to the rapid development of industrial control systems. While the large number of industrial system devices connected to the Internet provides convenience for production management, it also exposes industrial control systems to more attack surfaces. Under the influence of multiple attack surfaces, sensitive data leakage has a more serious and time-spanning negative impact on industrial production systems. How to quickly locate the source of information leakage plays a crucial role in reducing the loss from the attack, so there are new requirements for tracing sensitive data in industrial control information systems. In this paper, we propose a digital watermarking traceability scheme for sensitive data in industrial control systems to address the above problems. In this scheme, we enhance the granularity of traceability by classifying sensitive data types of industrial control systems into text, image and video data with differentiated processing, and achieve accurate positioning of data sources by combining technologies such as national secret asymmetric encryption and hash message authentication codes, and mitigate the impact of mainstream watermarking technologies such as obfuscation attacks and copy attacks on sensitive data. It also mitigates the attacks against the watermarking traceability such as obfuscation attacks and copy attacks. At the same time, this scheme designs a data flow watermark monitoring module on the post-node of the data source to monitor the unauthorized sensitive data access behavior caused by other attacks.
2023-08-18
Doraswamy, B., Krishna, K. Lokesh.  2022.  A Deep Learning Approach for Anomaly Detection in Industrial Control Systems. 2022 International Conference on Augmented Intelligence and Sustainable Systems (ICAISS). :442—448.
An Industrial Control System (ICS) is essential in monitoring and controlling critical infrastructures such as safety and security. Internet of Things (IoT) in ICSs allows cyber-criminals to utilize systems' vulnerabilities towards deploying cyber-attacks. To distinguish risks and keep an eye on malicious activity in networking systems, An Intrusion Detection System (IDS) is essential. IDS shall be used by system admins to identify unwanted accesses by attackers in various industries. It is now a necessary component of each organization's security governance. The main objective of this intended work is to establish a deep learning-depended intrusion detection system that can quickly identify intrusions and other unwanted behaviors that have the potential to interfere with networking systems. The work in this paper uses One Hot encoder for preprocessing and the Auto encoder for feature extraction. On KDD99 CUP, a data - set for network intruding, we categorize the normal and abnormal data applying a Deep Convolutional Neural Network (DCNN), a deep learning-based methodology. The experimental findings demonstrate that, in comparison with SVM linear Kernel model, SVM RBF Kernel model, the suggested deep learning model operates better.
Varkey, Mariam, John, Jacob, S., Umadevi K..  2022.  Automated Anomaly Detection Tool for Industrial Control System. 2022 IEEE Conference on Dependable and Secure Computing (DSC). :1—6.
Industrial Control Systems (ICS) are not secure by design–with recent developments requiring them to connect to the Internet, they tend to be highly vulnerable. Additionally, attacks on critical infrastructures such as power grids and nuclear plants can cause significant damage and loss of lives. Since such attacks tend to generate anomalies in the systems, an efficient way of attack detection is to monitor the systems and identify anomalies in real-time. An automated anomaly detection tool is introduced in this paper. Additionally, the functioning of the systems is viewed as Finite State Automata. Specific sensor measurements are used to determine permissible transitions, and statistical measures such as the Interquartile Range are used to determine acceptable boundaries for the remaining sensor measurements provided by the system. Deviations from the boundaries or permissible transitions are considered as anomalies. An additional feature is the provision of a finite state automata diagram that provides the operational constraints of a system, given a set of regulated input. This tool showed a high anomaly detection rate when tested with three types of ICS. The concepts are also benchmarked against a state-of-the-art anomaly detection algorithm called Isolation Forest, and the results are provided.
Li, Shijie, Liu, Junjiao, Pan, Zhiwen, Lv, Shichao, Si, Shuaizong, Sun, Limin.  2022.  Anomaly Detection based on Robust Spatial-temporal Modeling for Industrial Control Systems. 2022 IEEE 19th International Conference on Mobile Ad Hoc and Smart Systems (MASS). :355—363.
Industrial Control Systems (ICS) are increasingly facing the threat of False Data Injection (FDI) attacks. As an emerging intrusion detection scheme for ICS, process-based Intrusion Detection Systems (IDS) can effectively detect the anomalies caused by FDI attacks. Specifically, such IDS establishes anomaly detection model which can describe the normal pattern of industrial processes, then perform real-time anomaly detection on industrial process data. However, this method suffers low detection accuracy due to the complexity and instability of industrial processes. That is, the process data inherently contains sophisticated nonlinear spatial-temporal correlations which are hard to be explicitly described by anomaly detection model. In addition, the noise and disturbance in process data prevent the IDS from distinguishing the real anomaly events. In this paper, we propose an Anomaly Detection approach based on Robust Spatial-temporal Modeling (AD-RoSM). Concretely, to explicitly describe the spatial-temporal correlations within the process data, a neural based state estimation model is proposed by utilizing 1D CNN for temporal modeling and multi-head self attention mechanism for spatial modeling. To perform robust anomaly detection in the presence of noise and disturbance, a composite anomaly discrimination model is designed so that the outputs of the state estimation model can be analyzed with a combination of threshold strategy and entropy-based strategy. We conducted extensive experiments on two benchmark ICS security datasets to demonstrate the effectiveness of our approach.
2023-05-11
Li, Hongwei, Chasaki, Danai.  2022.  Network-Based Machine Learning Detection of Covert Channel Attacks on Cyber-Physical Systems. 2022 IEEE 20th International Conference on Industrial Informatics (INDIN). :195–201.
Most of the recent high-profile attacks targeting cyber-physical systems (CPS) started with lengthy reconnaissance periods that enabled attackers to gain in-depth understanding of the victim’s environment. To simulate these stealthy attacks, several covert channel tools have been published and proven effective in their ability to blend into existing CPS communication streams and have the capability for data exfiltration and command injection.In this paper, we report a novel machine learning feature engineering and data processing pipeline for the detection of covert channel attacks on CPS systems with real-time detection throughput. The system also operates at the network layer without requiring physical system domain-specific state modeling, such as voltage levels in a power generation system. We not only demonstrate the effectiveness of using TCP payload entropy as engineered features and the technique of grouping information into network flows, but also pitch the proposed detector against scenarios employing advanced evasion tactics, and still achieve above 99% detection performance.
2023-02-17
Urooj, Beenish, Ullah, Ubaid, Shah, Munam Ali, Sikandar, Hira Shahzadi, Stanikzai, Abdul Qarib.  2022.  Risk Assessment of SCADA Cyber Attack Methods: A Technical Review on Securing Automated Real-time SCADA Systems. 2022 27th International Conference on Automation and Computing (ICAC). :1–6.
The world’s most important industrial economy is particularly vulnerable to both external and internal threats, such as the one uncovered in Supervisory Control and Data Acquisition (SCADA) and Industrial Control Systems (ICS). Upon those systems, the success criteria for security are quite dynamic. Security flaws in these automated SCADA systems have already been discovered by infiltrating the entire network in addition to reducing production line hazards. The objective of our review article is to show various potential future research voids that recent studies have, as well as how many methods are available to concentrate on specific aspects of risk assessment of manufactured systems. The state-of-the-art methods in cyber security risk assessment of SCADA systems are reviewed and compared in this research. Multiple contemporary risk assessment approaches developed for or deployed in the settings of a SCADA system are considered and examined in detail. We outline the approaches’ main points before analyzing them in terms of risk assessment, conventional analytical procedures, and research challenges. The paper also examines possible risk regions or locations where breaches in such automated SCADA systems can emerge, as well as solutions as to how to safeguard and eliminate the hazards when they arise during production manufacturing.
2023-02-03
Zou, Zhenwan, Yin, Jun, Yang, Ling, Luo, Cheng, Fei, Jiaxuan.  2022.  Research on Nondestructive Vulnerability Detection Technology of Power Industrial Control System. 2022 IEEE 6th Information Technology and Mechatronics Engineering Conference (ITOEC). 6:1591–1594.

The power industrial control system is an important part of the national critical Information infrastructure. Its security is related to the national strategic security and has become an important target of cyber attacks. In order to solve the problem that the vulnerability detection technology of power industrial control system cannot meet the requirement of non-destructive, this paper proposes an industrial control vulnerability analysis technology combined with dynamic and static analysis technology. On this basis, an industrial control non-destructive vulnerability detection system is designed, and a simulation verification platform is built to verify the effectiveness of the industrial control non-destructive vulnerability detection system. These provide technical support for the safety protection research of the power industrial control system.

ISSN: 2693-289X

2022-09-30
Baptiste, Millot, Julien, Francq, Franck, Sicard.  2021.  Systematic and Efficient Anomaly Detection Framework using Machine Learning on Public ICS Datasets. 2021 IEEE International Conference on Cyber Security and Resilience (CSR). :292–297.
Industrial Control Systems (ICSs) are used in several domains such as Transportation, Manufacturing, Defense and Power Generation and Distribution. ICSs deal with complex physical systems in order to achieve an industrial purpose with operational safety. Security has not been taken into account by design in these systems that makes them vulnerable to cyberattacks.In this paper, we rely on existing public ICS datasets as well as on the existing literature of Machine Learning (ML) applications for anomaly detection in ICSs in order to improve detection scores. To perform this purpose, we propose a systematic framework, relying on established ML algorithms and suitable data preprocessing methods, which allows us to quickly get efficient, and surprisingly, better results than the literature. Finally, some recommendations for future public ICS dataset generations end this paper, which would be fruitful for improving future attack detection models and then protect new ICSs designed in the next future.
2022-09-29
Alsabbagh, Wael, Langendorfer, Peter.  2021.  A Fully-Blind False Data Injection on PROFINET I/O Systems. 2021 IEEE 30th International Symposium on Industrial Electronics (ISIE). :1–8.
This paper presents a fully blind false data injection (FDI) attack against an industrial field-bus i.e. PROFINET that is widely used in Siemens distributed Input/Output (I/O) systems. In contrast to the existing academic efforts in the research community which assume that an attacker is already familiar with the target system, and has a full knowledge of what is being transferred from the sensors or to the actuators in the remote I/O module, our attack overcomes these strong assumptions successfully. For a real scenario, we first sniff and capture real time data packets (PNIO-RT) that are exchanged between the IO-Controller and the IO-Device. Based on the collected data, we create an I/O database that is utilized to replace the correct data with false one automatically and online. Our full attack-chain is implemented on a real industrial setting based on Siemens devices, and tested for two scenarios. In the first one, we manipulate the data that represents the actual sensor readings sent from the IO-Device to the IO-Controller, whereas in the second scenario we aim at manipulating the data that represents the actuator values sent from the IO-Controller to the IO-Device. Our results show that compromising PROFINET I/O systems in the both tested scenarios is feasible, and the physical process to be controlled is affected. Eventually we suggest some possible mitigation solutions to secure our systems from such threats.
2022-08-12
Knesek, Kolten, Wlazlo, Patrick, Huang, Hao, Sahu, Abhijeet, Goulart, Ana, Davis, Kate.  2021.  Detecting Attacks on Synchrophasor Protocol Using Machine Learning Algorithms. 2021 IEEE International Conference on Communications, Control, and Computing Technologies for Smart Grids (SmartGridComm). :102—107.
Phasor measurement units (PMUs) are used in power grids across North America to measure the amplitude, phase, and frequency of an alternating voltage or current. PMU's use the IEEE C37.118 protocol to send telemetry to phasor data collectors (PDC) and human machine interface (HMI) workstations in a control center. However, the C37.118 protocol utilizes the internet protocol stack without any authentication mechanism. This means that the protocol is vulnerable to false data injection (FDI) and false command injection (FCI). In order to study different scenarios in which C37.118 protocol's integrity and confidentiality can be compromised, we created a testbed that emulates a C37.118 communication network. In this testbed we conduct FCI and FDI attacks on real-time C37.118 data packets using a packet manipulation tool called Scapy. Using this platform, we generated C37.118 FCI and FDI datasets which are processed by multi-label machine learning classifier algorithms, such as Decision Tree (DT), k-Nearest Neighbor (kNN), and Naive Bayes (NB), to find out how effective machine learning can be at detecting such attacks. Our results show that the DT classifier had the best precision and recall rate.
2022-06-09
Qiang, Rong.  2021.  Improved Depth Neural Network Industrial Control Security Algorithm Based On PCA Dimension Reduction. 2021 4th International Conference on Advanced Electronic Materials, Computers and Software Engineering (AEMCSE). :891–894.
In order to improve the security and anti-interference ability of industrial control system, this paper proposes an improved industrial neural network defense method based on the PCA dimension reduction and the improved deep neural network. Firstly, the proposed method reduces the dimensionality of the industrial data using the dimension reduction theory of principal component analysis (PCA). Then the deep neural network extracts the features of the network. Finally, the softmax classifier classifies industrial data. Experiment results show that compared with unintegrated algorithm, this method achieves higher recognition accuracy and has great application potential.
Hu, Peng, Yang, Baihua, Wang, Dong, Wang, Qile, Meng, Kaifeng, Wang, Yinsheng, Chen, Zhen.  2021.  Research on Cybersecurity Strategy and Key Technology of the Wind Farms’ Industrial Control System. 2021 IEEE International Conference on Electrical Engineering and Mechatronics Technology (ICEEMT). :357–361.
Affected by the inherent ideas like "Focus on Function Realization, Despise Security Protection", there are lots of hidden threats in the industrial control system of wind farms (ICS-WF), such as unreasonable IP configuration, failure in virus detection and killing, which are prone to illegal invasion and attack from the cyberspace. Those unexpected unauthorized accesses are quite harmful for the stable operation of the wind farms and regional power grid. Therefore, by investigating the current security situation and needs of ICS-WF, analyzing the characteristics of ICS-WF’s architecture and internal communication, and integrating the ideas of the classified protection of cybersecurity, this paper proposes a new customized cybersecurity strategy for ICS-WF based on the barrel theory. We also introduce an new anomalous intrusion detection technology for ICS-WF, which is developed based on statistical models of wind farm network characteristics. Finally, combined all these work with the network security offense and defense drill in the industrial control safety simulation laboratory of wind farms, this research formulates a three-dimensional comprehensive protection solution for ICS-WF, which significantly improves the cybersecurity level of ICS-WF.
Garrocho, Charles Tim Batista, Oliveira, Karine Nogueira, Sena, David José, da Cunha Cavalcanti, Carlos Frederico Marcelo, Oliveira, Ricardo Augusto Rabelo.  2021.  BACE: Blockchain-based Access Control at the Edge for Industrial Control Devices of Industry 4.0. 2021 XI Brazilian Symposium on Computing Systems Engineering (SBESC). :1–8.
The Industrial Internet of Things is expected to attract significant investments for Industry 4.0. In this new environment, the blockchain has immediate potential in industrial applications, providing unchanging, traceable and auditable access control. However, recent work and present in blockchain literature are based on a cloud infrastructure that requires significant investments. Furthermore, due to the placement and distance of the cloud infrastructure to industrial control devices, such approaches present a communication latency that can compromise the strict deadlines for accessing and communicating with this device. In this context, this article presents a blockchain-based access control architecture, which is deployed directly to edge devices positioned close to devices that need access control. Performance assessments of the proposed approach were carried out in practice in an industrial mining environment. The results of this assessment demonstrate the feasibility of the proposal and its performance compared to cloud-based approaches.
Ude, Okechukwu, Swar, Bobby.  2021.  Securing Remote Access Networks Using Malware Detection Tools for Industrial Control Systems. 2021 4th IEEE International Conference on Industrial Cyber-Physical Systems (ICPS). :166–171.
With their role as an integral part of its infrastructure, Industrial Control Systems (ICS) are a vital part of every nation's industrial development drive. Despite several significant advancements - such as controlled-environment agriculture, automated train systems, and smart homes, achieved in critical infrastructure sectors through the integration of Information Systems (IS) and remote capabilities with ICS, the fact remains that these advancements have introduced vulnerabilities that were previously either nonexistent or negligible, one being Remote Access Trojans (RATs). Present RAT detection methods either focus on monitoring network traffic or studying event logs on host systems. This research's objective is the detection of RATs by comparing actual utilized system capacity to reported utilized system capacity. To achieve the research objective, open-source RAT detection methods were identified and analyzed, a GAP-analysis approach was used to identify the deficiencies of each method, after which control algorithms were developed into source code for the solution.
Atluri, Venkata, Horne, Jeff.  2021.  A Machine Learning based Threat Intelligence Framework for Industrial Control System Network Traffic Indicators of Compromise. SoutheastCon 2021. :1–5.
Cyber-attacks on our Nation's Critical Infrastructure are growing. In this research, a Cyber Threat Intelligence (CTI) framework is proposed, developed, and tested. The results of the research, using 5 different simulated attacks on a dataset from an Industrial Control System (ICS) testbed, are presented with the extracted IOCs. The Bagging Decision Trees model showed the highest performance of testing accuracy (94.24%), precision (0.95), recall (0.93), and F1-score (0.94) among the 9 different machine learning models studied.
Pyatnitsky, Ilya A., Sokolov, Alexander N..  2021.  Determination of the Optimal Ratio of Normal to Anomalous Points in the Problem of Detecting Anomalies in the Work of Industrial Control Systems. 2021 Ural Symposium on Biomedical Engineering, Radioelectronics and Information Technology (USBEREIT). :0478–0480.

Algorithms for unsupervised anomaly detection have proven their effectiveness and flexibility, however, first it is necessary to calculate with what ratio a certain class begins to be considered anomalous by the autoencoder. For this reason, we propose to conduct a study of the efficiency of autoencoders depending on the ratio of anomalous and non-anomalous classes. The emergence of high-speed networks in electric power systems creates a tight interaction of cyberinfrastructure with the physical infrastructure and makes the power system susceptible to cyber penetration and attacks. To address this problem, this paper proposes an innovative approach to develop a specification-based intrusion detection framework that leverages available information provided by components in a contemporary power system. An autoencoder is used to encode the causal relations among the available information to create patterns with temporal state transitions, which are used as features in the proposed intrusion detection. This allows the proposed method to detect anomalies and cyber attacks.

Jie, Chen.  2021.  Information Security Risk Assessment of Industrial Control System Based on Hybrid Genetic Algorithms. 2021 13th International Conference on Measuring Technology and Mechatronics Automation (ICMTMA). :423–426.
In order to solve the problem of quantitative assessment of information security risks in industrial control systems, this paper proposes a method of information security risk assessment for industrial control systems based on modular hybrid genetic algorithm. Combining with the characteristics of industrial control systems, the use of hybrid genetic algorithm evidence theory to identify, evaluate and assess assets and threats, and ultimately come to the order of the size of the impact of security threats on the specific industrial control system information security. This method can provide basis for making decisions to reduce information security risks in the control system from qualitative and quantitative aspects.