Sökning: id:"swepub:oai:DiVA.org:mdh-64444" >
Evaluating Machine ...
Evaluating Machine Learning Approaches for Cyber and Physical Anomalies in SCADA Systems
-
- Faramondi, L. (författare)
- University Campus Bio-Medico di Roma, Unit of Automatic Control, Rome, Italy
-
- Flammini, Francesco, Senior Lecturer, 1978- (författare)
- Mälardalens universitet,Innovation och produktrealisering,University of Applied Sciences and Arts of Southern Switzerland, IDSIA USI-SUPSI, Department of Innovative Technologies, Lugano, Switzerland
-
- Guarino, S. (författare)
- University Campus Bio-Medico di Roma, Unit of Automatic Control, Rome, Italy
-
visa fler...
-
- Setola, R. (författare)
- University Campus Bio-Medico di Roma, Unit of Automatic Control, Rome, Italy
-
visa färre...
-
(creator_code:org_t)
- Institute of Electrical and Electronics Engineers Inc. 2023
- 2023
- Engelska.
-
Ingår i: Proc. IEEE Int. Conf. Cyber Security Resilience, CSR. - : Institute of Electrical and Electronics Engineers Inc.. - 9798350311709 ; , s. 412-417
- Relaterad länk:
-
https://urn.kb.se/re...
-
visa fler...
-
https://doi.org/10.1...
-
visa färre...
Abstract
Ämnesord
Stäng
- In recent years, machine learning (ML) techniques have been widely adopted as anomaly-based Intrusion Detection System in order to evaluate cyber and physical attacks against Industrial Control Systems. Nevertheless, a performance comparison of such techniques applied to multiple Cyber-Physical Systems datasets is still missing. In light of this, we propose a comparative study about the performance of four supervised ML-algorithms, Random Forest, k-nearest-Neighbors, Support-Vector-Machine and Naïve-Bayes, applied to three different publicly available datasets from water testbeds. Specifically, we consider three different scenarios where we evaluate: (1) the ability to detect cyber and physical anomalies with respect to the nominal samples, (2) the ability to detect specific types of cyber and physical attacks and (3) the ability to recognize unforeseen attacks without providing any previous knowledge about them. Results show the effectiveness of the ML-techniques in identifying cyber and physical anomalies under some assumptions about their effects on the process dynamics.
Ämnesord
- NATURVETENSKAP -- Data- och informationsvetenskap (hsv//swe)
- NATURAL SCIENCES -- Computer and Information Sciences (hsv//eng)
Nyckelord
- Computer crime
- Cyber Physical System
- Embedded systems
- Intrusion detection
- Learning systems
- Nearest neighbor search
- SCADA systems
- Anomaly based intrusion detection systems
- Cybe-physical systems
- Cyber-attacks
- Cyber-physical systems
- Industrial control systems
- Machine learning approaches
- Machine learning techniques
- Performance comparison
- Physical attacks
- Still missing
- Support vector machines
Publikations- och innehållstyp
- ref (ämneskategori)
- kon (ämneskategori)
Hitta via bibliotek
Till lärosätets databas