| Title | SteelEye: An Application-Layer Attack Detection and Attribution Model in Industrial Control Systems using Semi-Deep Learning |
| Publication Type | Conference Paper |
| Year of Publication | 2021 |
| Authors | Nakhodchi, Sanaz, Zolfaghari, Behrouz, Yazdinejad, Abbas, Dehghantanha, Ali |
| Conference Name | 2021 18th International Conference on Privacy, Security and Trust (PST) |
| Keywords | attack attribution, attack detection, attribution, BoF, boosting, Categorical Boosting, composability, critical infrastructure, feature extraction, Human Behavior, industrial control, industrial control system, Metrics, Predictive models, privacy, pubcrawl, security, Semi-Deep learning |
| Abstract | The security of Industrial Control Systems is of high importance as they play a critical role in uninterrupted services provided by Critical Infrastructure operators. Due to a large number of devices and their geographical distribution, Industrial Control Systems need efficient automatic cyber-attack detection and attribution methods, which suggests us AI-based approaches. This paper proposes a model called SteelEye based on Semi-Deep Learning for accurate detection and attribution of cyber-attacks at the application layer in industrial control systems. The proposed model depends on Bag of Features for accurate detection of cyber-attacks and utilizes Categorical Boosting as the base predictor for attack attribution. Empirical results demonstrate that SteelEye remarkably outperforms state-of-the-art cyber-attack detection and attribution methods in terms of accuracy, precision, recall, and Fl-score. |
| DOI | 10.1109/PST52912.2021.9647777 |
| Citation Key | nakhodchi_steeleye_2021 |
SteelEye: An Application-Layer Attack Detection and Attribution Model in Industrial Control Systems using Semi-Deep Learning