| 1. |
- Faramondi, L., et al.
(författare)
-
A Hardware-in-the-Loop Water Distribution Testbed Dataset for Cyber-Physical Security Testing
- 2021
-
Ingår i: IEEE Access. - 2169-3536. ; 9, s. 122385-1223896
-
Tidskriftsartikel (refereegranskat)abstract
- This paper presents a dataset to support researchers in the validation process of solutions such as Intrusion Detection Systems (IDS) based on artificial intelligence and machine learning techniques for the detection and categorization of threats in Cyber Physical Systems (CPS). To this end, data were acquired from a hardware-in-the-loop Water Distribution Testbed (WDT) which emulates water flowing between eight tanks via solenoid-valves, pumps, pressure and flow sensors. The testbed is composed of a real subsystem that is virtually connected to a simulated one. The proposed dataset encompasses both physical and network data in order to highlight the consequences of attacks in the physical process as well as in network traffic behaviour. Simulations data are organized in four different acquisitions for a total duration of 2 hours by considering normal scenario and multiple anomalies due to cyber and physical attacks.
|
|
| 2. |
- Faramondi, L., et al.
(författare)
-
Evaluating Machine Learning Approaches for Cyber and Physical Anomalies in SCADA Systems
- 2023
-
Ingår i: Proc. IEEE Int. Conf. Cyber Security Resilience, CSR. - : Institute of Electrical and Electronics Engineers Inc.. - 9798350311709 ; , s. 412-417
-
Konferensbidrag (refereegranskat)abstract
- In recent years, machine learning (ML) techniques have been widely adopted as anomaly-based Intrusion Detection System in order to evaluate cyber and physical attacks against Industrial Control Systems. Nevertheless, a performance comparison of such techniques applied to multiple Cyber-Physical Systems datasets is still missing. In light of this, we propose a comparative study about the performance of four supervised ML-algorithms, Random Forest, k-nearest-Neighbors, Support-Vector-Machine and Naïve-Bayes, applied to three different publicly available datasets from water testbeds. Specifically, we consider three different scenarios where we evaluate: (1) the ability to detect cyber and physical anomalies with respect to the nominal samples, (2) the ability to detect specific types of cyber and physical attacks and (3) the ability to recognize unforeseen attacks without providing any previous knowledge about them. Results show the effectiveness of the ML-techniques in identifying cyber and physical anomalies under some assumptions about their effects on the process dynamics.
|
|
| 3. |
|
|
| 4. |
- Perrone, P., et al.
(författare)
-
Machine Learning for Threat Recognition in Critical Cyber-Physical Systems
- 2021
-
Ingår i: 2021 IEEE International Conference on Cyber Security and Resilience (CSR), 2021. - 9781665402859 ; , s. 298-303
-
Konferensbidrag (refereegranskat)abstract
- Cybersecurity has become an emerging challenge for business information management and critical infrastructure protection in recent years. Artificial Intelligence (AI) has been widely used in different fields, but it is still relatively new in the area of Cyber-Physical Systems (CPS) security. In this paper, we provide an approach based on Machine Learning (ML) to intelligent threat recognition to enable run-time risk assessment for superior situation awareness in CPS security monitoring. With the aim of classifying malicious activity, several machine learning methods, such as k-nearest neighbours (kNN), Naïve Bayes (NB), Support Vector Machine (SVM), Decision Tree (DT) and Random Forest (RF), have been applied and compared using two different publicly available real-world testbeds. The results show that RF allowed for the best classification performance. When used in reference industrial applications, the approach allows security control room operators to get notified of threats only when classification confidence will be above a threshold, hence reducing the stress of security managers and effectively supporting their decisions.
|
|
