A Deep Multi-Modal Cyber-Attack Detection in Industrial Control Systems

• URL: http://arxiv.org/abs/2304.01440v1
• Date: Tue, 4 Apr 2023 01:27:21 GMT
• Title: A Deep Multi-Modal Cyber-Attack Detection in Industrial Control Systems
• Authors: Sepideh Bahadoripour, Ethan MacDonald, Hadis Karimipour
• Abstract summary: This research utilizes network and sensor modality data from ICS processed with a deep multi-modal cyber-attack detection model for ICS. Results show that the proposed model can outperform existing single modality models and recent works in the literature.
• Score: 1.0312968200748118
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: The growing number of cyber-attacks against Industrial Control Systems (ICS) in recent years has elevated security concerns due to the potential catastrophic impact. Considering the complex nature of ICS, detecting a cyber-attack in them is extremely challenging and requires advanced methods that can harness multiple data modalities. This research utilizes network and sensor modality data from ICS processed with a deep multi-modal cyber-attack detection model for ICS. Results using the Secure Water Treatment (SWaT) system show that the proposed model can outperform existing single modality models and recent works in the literature by achieving 0.99 precision, 0.98 recall, and 0.98 f-measure, which shows the effectiveness of using both modalities in a combined model for detecting cyber-attacks.

Related papers

• Enhanced Anomaly Detection in Industrial Control Systems aided by Machine Learning [2.2457306746668766]
  This study investigates whether combining both network and process data can improve attack detection in ICSs environments. Our findings suggest that integrating network traffic with operational process data can enhance detection capabilities. Although the results are promising, they are preliminary and highlight the need for further studies.
  arXiv  Detail & Related papers  (2024-10-25T17:41:33Z)
• Countering Autonomous Cyber Threats [40.00865970939829]
  Foundation Models present dual-use concerns broadly and within the cyber domain specifically. Recent research has shown the potential for these advanced models to inform or independently execute offensive cyberspace operations. This work evaluates several state-of-the-art FMs on their ability to compromise machines in an isolated network and investigates defensive mechanisms to defeat such AI-powered attacks.
  arXiv  Detail & Related papers  (2024-10-23T22:46:44Z)
• Redefining DDoS Attack Detection Using A Dual-Space Prototypical Network-Based Approach [38.38311259444761]
  We introduce a new deep learning-based technique for detecting DDoS attacks. We propose a new dual-space prototypical network that leverages a unique dual-space loss function. This approach capitalizes on the strengths of representation learning within the latent space.
  arXiv  Detail & Related papers  (2024-06-04T03:22:52Z)
• Advancing DDoS Attack Detection: A Synergistic Approach Using Deep Residual Neural Networks and Synthetic Oversampling [2.988269372716689]
  We introduce an enhanced approach for DDoS attack detection by leveraging the capabilities of Deep Residual Neural Networks (ResNets) We balance the representation of benign and malicious data points, enabling the model to better discern intricate patterns indicative of an attack. Experimental results on a real-world dataset demonstrate that our approach achieves an accuracy of 99.98%, significantly outperforming traditional methods.
  arXiv  Detail & Related papers  (2024-01-06T03:03:52Z)
• MEAOD: Model Extraction Attack against Object Detectors [45.817537875368956]
  Model extraction attacks allow attackers to replicate a substitute model with comparable functionality to the victim model. We propose an effective attack method called MEAOD for object detection models. We achieve an extraction performance of over 70% under the given condition of a 10k query budget.
  arXiv  Detail & Related papers  (2023-12-22T13:28:50Z)
• An Approach to Abstract Multi-stage Cyberattack Data Generation for ML-Based IDS in Smart Grids [2.5655761752240505]
  We propose a method to generate synthetic data using a graph-based approach for training machine learning models in smart grids. We use an abstract form of multi-stage cyberattacks defined via graph formulations and simulate the propagation behavior of attacks in the network.
  arXiv  Detail & Related papers  (2023-12-21T11:07:51Z)
• A Variational Autoencoder Framework for Robust, Physics-Informed Cyberattack Recognition in Industrial Cyber-Physical Systems [2.051548207330147]
  We develop a data-driven framework that can be used to detect, diagnose, and localize a type of cyberattack called covert attacks on industrial control systems. The framework has a hybrid design that combines a variational autoencoder (VAE), a recurrent neural network (RNN), and a Deep Neural Network (DNN)
  arXiv  Detail & Related papers  (2023-10-10T19:07:53Z)
• Increasing the Confidence of Deep Neural Networks by Coverage Analysis [71.57324258813674]
  This paper presents a lightweight monitoring architecture based on coverage paradigms to enhance the model against different unsafe inputs. Experimental results show that the proposed approach is effective in detecting both powerful adversarial examples and out-of-distribution inputs.
  arXiv  Detail & Related papers  (2021-01-28T16:38:26Z)
• Firearm Detection via Convolutional Neural Networks: Comparing a Semantic Segmentation Model Against End-to-End Solutions [68.8204255655161]
  Threat detection of weapons and aggressive behavior from live video can be used for rapid detection and prevention of potentially deadly incidents. One way for achieving this is through the use of artificial intelligence and, in particular, machine learning for image analysis. We compare a traditional monolithic end-to-end deep learning model and a previously proposed model based on an ensemble of simpler neural networks detecting fire-weapons via semantic segmentation.
  arXiv  Detail & Related papers  (2020-12-17T15:19:29Z)
• Deep Learning based Covert Attack Identification for Industrial Control Systems [5.299113288020827]
  We develop a data-driven framework that can be used to detect, diagnose, and localize a type of cyberattack called covert attacks on smart grids. The framework has a hybrid design that combines an autoencoder, a recurrent neural network (RNN) with a Long-Short-Term-Memory layer, and a Deep Neural Network (DNN)
  arXiv  Detail & Related papers  (2020-09-25T17:48:43Z)
• Risk-Sensitive Sequential Action Control with Multi-Modal Human Trajectory Forecasting for Safe Crowd-Robot Interaction [55.569050872780224]
  We present an online framework for safe crowd-robot interaction based on risk-sensitive optimal control, wherein the risk is modeled by the entropic risk measure. Our modular approach decouples the crowd-robot interaction into learning-based prediction and model-based control. A simulation study and a real-world experiment show that the proposed framework can accomplish safe and efficient navigation while avoiding collisions with more than 50 humans in the scene.
  arXiv  Detail & Related papers  (2020-09-12T02:02:52Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.