Title | SteelEye: An Application-Layer Attack Detection and Attribution Model in Industrial Control Systems using Semi-Deep Learning |
Publication Type | Conference Paper |
Year of Publication | 2021 |
Authors | Nakhodchi, Sanaz; Zolfaghari, Behrouz; Yazdinejad, Abbas; Dehghantanha, Ali |
Conference Name | 2021 18th International Conference on Privacy, Security and Trust (PST) |
Keywords | attack attribution, attack detection, attribution, BoF, boosting, Categorical Boosting, composability, critical infrastructure, feature extraction, Human Behavior, industrial control, industrial control system, Metrics, Predictive models, privacy, pubcrawl, security, Semi-Deep learning |
Abstract | The security of Industrial Control Systems is of high importance as they play a critical role in uninterrupted services provided by Critical Infrastructure operators. Due to a large number of devices and their geographical distribution, Industrial Control Systems need efficient automatic cyber-attack detection and attribution methods, which suggests AI-based approaches. This paper proposes a model called SteelEye based on Semi-Deep Learning for accurate detection and attribution of cyber-attacks at the application layer in industrial control systems. The proposed model depends on Bag of Features for accurate detection of cyber-attacks and utilizes Categorical Boosting as the base predictor for attack attribution. Empirical results demonstrate that SteelEye remarkably outperforms state-of-the-art cyber-attack detection and attribution methods in terms of accuracy, precision, recall, and F1-score. |
DOI | 10.1109/PST52912.2021.9647777 |
Citation Key | nakhodchi_steeleye_2021 |