Industrial Control System Intrusion Detection Model based on LSTM Attack Tree

Title: Industrial Control System Intrusion Detection Model based on LSTM Attack Tree
Publication Type: Conference Paper
Year of Publication: 2020
Authors: Xingjie, F., Guogenp, W., ShiBIN, Z., ChenHAO
Conference Name: 2020 17th International Computer Conference on Wavelet Active Media Technology and Information Processing (ICCWAMTIP)
Date Published: dec
Keywords: attack tree, compositionality, Computer hacking, computer network security, constructed attack tree model, Hidden Markov models, ICs, IDS, industrial control, Industrial control system intrusion detection model, Information Reuse and Security, Internet, Intrusion detection, Logic gates, LSTM, LSTM & attack tree, Predictive models, pubcrawl, Resiliency, traditional intrusion detection systems, traditional network security, trees (mathematics)
Abstract: With the rapid development of the Industrial Internet, the network security risks faced by industrial control systems (ICSs) are becoming more and more intense. How to do a good job in the security protection of industrial control systems is extremely urgent. For traditional network security, industrial control systems have some unique characteristics, which results in traditional intrusion detection systems that cannot be directly reused on it. Aiming at the industrial control system, this paper constructs all attack paths from the hacker's perspective through the attack tree model, and uses the LSTM algorithm to identify and classify the attack behavior, and then further classify the attack event by extracting atomic actions. Finally, through the constructed attack tree model, the results are reversed and predicted. The results show that the model has a good effect on attack recognition, and can effectively analyze the hacker attack path and predict the next attack target.
DOI: 10.1109/ICCWAMTIP51612.2020.9317477
Citation Key: xingjie_industrial_2020