Ensemble Common Features Technique for Lightweight Intrusion Detection in Industrial Control System

2023 IEEE 6th International Conference on Industrial Cyber-Physical Systems (ICPS) Pub Date : 2023-05-08 DOI:10.1109/ICPS58381.2023.10128040

Uneneibotejit Otokwala, Andrei V. Petrovski

{"title":"Ensemble Common Features Technique for Lightweight Intrusion Detection in Industrial Control System","authors":"Uneneibotejit Otokwala, Andrei V. Petrovski","doi":"10.1109/ICPS58381.2023.10128040","DOIUrl":null,"url":null,"abstract":"The integration of the Industrial Control System (ICS) with corporate intranets and the internet has exposed the previously isolated SCADA system to a wide range of cyber-attacks. Interestingly, the vulnerabilities in the Modbus protocol, with which the ICS communicates, make data obfuscation and communication between component entities less secure. In this work, we propose a Common Features Technique (CFT) for Lightweight Intrusion Detection based on an ensembled feature selection approach. Our Common Features Technique, which used fewer features, was able to detect intrusion at the same level as models using information gain, Chi-Squared, and Gini Index feature selection techniques datasets after fitting Random Forest (RF), Support Vector Machine (SVM), and K-Nearest Neighbour (KNN) models. More importantly, when p-values were computed, the CFT model computation time and memory usage were statistically significantly different at 95% and 90% Confidence Interval (CI) when compared to the model on the other techniques.","PeriodicalId":426122,"journal":{"name":"2023 IEEE 6th International Conference on Industrial Cyber-Physical Systems (ICPS)","volume":"9 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-05-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2023 IEEE 6th International Conference on Industrial Cyber-Physical Systems (ICPS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICPS58381.2023.10128040","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

The integration of the Industrial Control System (ICS) with corporate intranets and the internet has exposed the previously isolated SCADA system to a wide range of cyber-attacks. Interestingly, the vulnerabilities in the Modbus protocol, with which the ICS communicates, make data obfuscation and communication between component entities less secure. In this work, we propose a Common Features Technique (CFT) for Lightweight Intrusion Detection based on an ensembled feature selection approach. Our Common Features Technique, which used fewer features, was able to detect intrusion at the same level as models using information gain, Chi-Squared, and Gini Index feature selection techniques datasets after fitting Random Forest (RF), Support Vector Machine (SVM), and K-Nearest Neighbour (KNN) models. More importantly, when p-values were computed, the CFT model computation time and memory usage were statistically significantly different at 95% and 90% Confidence Interval (CI) when compared to the model on the other techniques.

查看原文本刊更多论文

工业控制系统中轻量级入侵检测的集成公共特征技术

工业控制系统(ICS)与企业内部网和互联网的集成使以前孤立的SCADA系统暴露在广泛的网络攻击之下。有趣的是，ICS通信使用的Modbus协议中的漏洞使得组件实体之间的数据混淆和通信不那么安全。在这项工作中，我们提出了一种基于集成特征选择方法的轻量级入侵检测公共特征技术(CFT)。在拟合随机森林(RF)、支持向量机(SVM)和k近邻(KNN)模型后，我们的共同特征技术使用较少的特征，能够在与使用信息增益、卡方和基尼指数特征选择技术数据集的模型相同的水平上检测入侵。更重要的是，当计算p值时，与其他技术上的模型相比，CFT模型在95%和90%置信区间(CI)下的计算时间和内存使用具有统计学显著差异。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2023 IEEE 6th International Conference on Industrial Cyber-Physical Systems (ICPS)

自引率

0.00%

发文量