SteelEye: An Application-Layer Attack Detection and Attribution Model in Industrial Control Systems using Semi-Deep Learning

Sanaz Nakhodchi; Behrouz Zolfaghari; Abbas Yazdinejad; Ali Dehghantanha

doi:10.1109/PST52912.2021.9647777

SteelEye: An Application-Layer Attack Detection and Attribution Model in Industrial Control Systems using Semi-Deep Learning

Sanaz Nakhodchi, Behrouz Zolfaghari, Abbas Yazdinejad, Ali Dehghantanha

研究成果: Conference contribution

2 被引用数 (Scopus)

抄録

The security of Industrial Control Systems is of high importance as they play a critical role in uninterrupted services provided by Critical Infrastructure operators. Due to a large number of devices and their geographical distribution, Industrial Control Systems need efficient automatic cyber-attack detection and attribution methods, which suggests us AI-based approaches. This paper proposes a model called SteelEye based on Semi-Deep Learning for accurate detection and attribution of cyber-attacks at the application layer in industrial control systems. The proposed model depends on Bag of Features for accurate detection of cyber-attacks and utilizes Categorical Boosting as the base predictor for attack attribution. Empirical results demonstrate that SteelEye remarkably outperforms state-of-the-art cyber-attack detection and attribution methods in terms of accuracy, precision, recall, and Fl-score.

本文言語	English
ホスト出版物のタイトル	2021 18th International Conference on Privacy, Security and Trust, PST 2021
出版社	Institute of Electrical and Electronics Engineers Inc.
ISBN（電子版）	9781665401845
DOI	https://doi.org/10.1109/PST52912.2021.9647777
出版ステータス	Published - 2021
外部発表	はい
イベント	18th International Conference on Privacy, Security and Trust, PST 2021 - Auckland, New Zealand 継続期間: 2021 12月 13 → 2021 12月 15

出版物シリーズ

名前	2021 18th International Conference on Privacy, Security and Trust, PST 2021

Conference

Conference	18th International Conference on Privacy, Security and Trust, PST 2021
国/地域	New Zealand
City	Auckland
Period	21/12/13 → 21/12/15

ASJC Scopus subject areas

情報システム
情報システムおよび情報管理
安全性、リスク、信頼性、品質管理
器械工学

文献へのアクセス

10.1109/PST52912.2021.9647777

他のファイルとリンク

フィンガープリント

「SteelEye: An Application-Layer Attack Detection and Attribution Model in Industrial Control Systems using Semi-Deep Learning」の研究トピックを掘り下げます。これらがまとまってユニークなフィンガープリントを構成します。

引用スタイル

Nakhodchi, S., Zolfaghari, B., Yazdinejad, A., & Dehghantanha, A. (2021). SteelEye: An Application-Layer Attack Detection and Attribution Model in Industrial Control Systems using Semi-Deep Learning. In 2021 18th International Conference on Privacy, Security and Trust, PST 2021 (2021 18th International Conference on Privacy, Security and Trust, PST 2021). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/PST52912.2021.9647777

SteelEye: An Application-Layer Attack Detection and Attribution Model in Industrial Control Systems using Semi-Deep Learning. / Nakhodchi, Sanaz; Zolfaghari, Behrouz; Yazdinejad, Abbas その他.
2021 18th International Conference on Privacy, Security and Trust, PST 2021. Institute of Electrical and Electronics Engineers Inc., 2021. (2021 18th International Conference on Privacy, Security and Trust, PST 2021).

研究成果: Conference contribution

Nakhodchi, S, Zolfaghari, B, Yazdinejad, A & Dehghantanha, A 2021, SteelEye: An Application-Layer Attack Detection and Attribution Model in Industrial Control Systems using Semi-Deep Learning. in 2021 18th International Conference on Privacy, Security and Trust, PST 2021. 2021 18th International Conference on Privacy, Security and Trust, PST 2021, Institute of Electrical and Electronics Engineers Inc., 18th International Conference on Privacy, Security and Trust, PST 2021, Auckland, New Zealand, 21/12/13. https://doi.org/10.1109/PST52912.2021.9647777

Nakhodchi S, Zolfaghari B, Yazdinejad A, Dehghantanha A. SteelEye: An Application-Layer Attack Detection and Attribution Model in Industrial Control Systems using Semi-Deep Learning. In 2021 18th International Conference on Privacy, Security and Trust, PST 2021. Institute of Electrical and Electronics Engineers Inc. 2021. (2021 18th International Conference on Privacy, Security and Trust, PST 2021). doi: 10.1109/PST52912.2021.9647777

Nakhodchi, Sanaz ; Zolfaghari, Behrouz ; Yazdinejad, Abbas その他. / SteelEye : An Application-Layer Attack Detection and Attribution Model in Industrial Control Systems using Semi-Deep Learning. 2021 18th International Conference on Privacy, Security and Trust, PST 2021. Institute of Electrical and Electronics Engineers Inc., 2021. (2021 18th International Conference on Privacy, Security and Trust, PST 2021).

@inproceedings{1b8975df5ba343f0b7ef65591f1c506d,

title = "SteelEye: An Application-Layer Attack Detection and Attribution Model in Industrial Control Systems using Semi-Deep Learning",

abstract = "The security of Industrial Control Systems is of high importance as they play a critical role in uninterrupted services provided by Critical Infrastructure operators. Due to a large number of devices and their geographical distribution, Industrial Control Systems need efficient automatic cyber-attack detection and attribution methods, which suggests us AI-based approaches. This paper proposes a model called SteelEye based on Semi-Deep Learning for accurate detection and attribution of cyber-attacks at the application layer in industrial control systems. The proposed model depends on Bag of Features for accurate detection of cyber-attacks and utilizes Categorical Boosting as the base predictor for attack attribution. Empirical results demonstrate that SteelEye remarkably outperforms state-of-the-art cyber-attack detection and attribution methods in terms of accuracy, precision, recall, and Fl-score.",

keywords = "Attack Attribution, Attack Detection, BoF, Categorical Boosting, Industrial Control System, Semi-Deep learning",

author = "Sanaz Nakhodchi and Behrouz Zolfaghari and Abbas Yazdinejad and Ali Dehghantanha",

note = "Publisher Copyright: {\textcopyright} 2021 IEEE.; 18th International Conference on Privacy, Security and Trust, PST 2021 ; Conference date: 13-12-2021 Through 15-12-2021",

year = "2021",

doi = "10.1109/PST52912.2021.9647777",

language = "English",

series = "2021 18th International Conference on Privacy, Security and Trust, PST 2021",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

booktitle = "2021 18th International Conference on Privacy, Security and Trust, PST 2021",

}

TY - GEN

T1 - SteelEye

T2 - 18th International Conference on Privacy, Security and Trust, PST 2021

AU - Nakhodchi, Sanaz

AU - Zolfaghari, Behrouz

AU - Yazdinejad, Abbas

AU - Dehghantanha, Ali

PY - 2021

Y1 - 2021

N2 - The security of Industrial Control Systems is of high importance as they play a critical role in uninterrupted services provided by Critical Infrastructure operators. Due to a large number of devices and their geographical distribution, Industrial Control Systems need efficient automatic cyber-attack detection and attribution methods, which suggests us AI-based approaches. This paper proposes a model called SteelEye based on Semi-Deep Learning for accurate detection and attribution of cyber-attacks at the application layer in industrial control systems. The proposed model depends on Bag of Features for accurate detection of cyber-attacks and utilizes Categorical Boosting as the base predictor for attack attribution. Empirical results demonstrate that SteelEye remarkably outperforms state-of-the-art cyber-attack detection and attribution methods in terms of accuracy, precision, recall, and Fl-score.

AB - The security of Industrial Control Systems is of high importance as they play a critical role in uninterrupted services provided by Critical Infrastructure operators. Due to a large number of devices and their geographical distribution, Industrial Control Systems need efficient automatic cyber-attack detection and attribution methods, which suggests us AI-based approaches. This paper proposes a model called SteelEye based on Semi-Deep Learning for accurate detection and attribution of cyber-attacks at the application layer in industrial control systems. The proposed model depends on Bag of Features for accurate detection of cyber-attacks and utilizes Categorical Boosting as the base predictor for attack attribution. Empirical results demonstrate that SteelEye remarkably outperforms state-of-the-art cyber-attack detection and attribution methods in terms of accuracy, precision, recall, and Fl-score.

KW - Attack Attribution

KW - Attack Detection

KW - BoF

KW - Categorical Boosting

KW - Industrial Control System

KW - Semi-Deep learning

UR - http://www.scopus.com/inward/record.url?scp=85124095749&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85124095749&partnerID=8YFLogxK

U2 - 10.1109/PST52912.2021.9647777

DO - 10.1109/PST52912.2021.9647777

M3 - Conference contribution

AN - SCOPUS:85124095749

T3 - 2021 18th International Conference on Privacy, Security and Trust, PST 2021

BT - 2021 18th International Conference on Privacy, Security and Trust, PST 2021

PB - Institute of Electrical and Electronics Engineers Inc.

Y2 - 13 December 2021 through 15 December 2021

ER -