Title | On the Performance of Isolation Forest and Multi Layer Perceptron for Anomaly Detection in Industrial Control Systems Networks |
Publication Type | Conference Paper |
Year of Publication | 2021 |
Authors | Alqurashi, Saja, Shirazi, Hossein, Ray, Indrakshi |
Conference Name | 2021 8th International Conference on Internet of Things: Systems, Management and Security (IOTSMS) |
Keywords | Deep Learning, deep neural networks, Forestry, ICs, ICS Anomaly Detection, iForest, industrial control, integrated circuits, Intrusion detection, machine learning algorithms, MLP, Neural networks, pubcrawl, reconnaissance attack, resilience, Resiliency, SCADA, Scalability |
Abstract | With an increasing number of adversarial attacks against Industrial Control Systems (ICS) networks, enhancing the security of such systems is invaluable. Although attack prevention strategies are often in place, protecting against all attacks, especially zero-day attacks, is becoming impossible. Intrusion Detection Systems (IDS) are needed to detect such attacks promptly. Machine learning-based detection systems, especially deep learning algorithms, have shown promising results and outperformed other approaches. In this paper, we study the efficacy of a deep learning approach, namely, Multi Layer Perceptron (MLP), in detecting abnormal behaviors in ICS network traffic. We focus on very common reconnaissance attacks in ICS networks. In such attacks, the adversary focuses on gathering information about the targeted network. To evaluate our approach, we compare MLP with isolation Forest (i Forest), a statistical machine learning approach. Our proposed deep learning approach achieves an accuracy of more than 99% while i Forest achieves only 75%. This helps to reinforce the promise of using deep learning techniques for anomaly detection. |
DOI | 10.1109/IOTSMS53705.2021.9704986 |
Citation Key | alqurashi_performance_2021 |