Machine Learning Approaches in Cyber Attack Detection and Characterization in IoT enabled Cyber-Physical Systems

Abstract

Cyber-physical systems (CPS) enabled by the Internet of Things (IoT) provide unique security challenges since solutions designed for traditional Operational Technology (OT) and Information Technology (IT) systems may not be adequate in a Cyber-Physical System environment. With that in mind, this research introduces a two-tiered integrated attack detection and attack attribution framework ideal for Cyber-physical systems (CPS), and more particularly in an Industrial Control System (ICS). In order to identify assaults in unbalanced ICS settings, in the first phase, a unique ensemble deep-representational learning model is coupled with a decision tree classifier. In the next phase, an attack attribution ensemble deep neural network is developed. Datasets from the MODBUS and the natural gas pipeline industry are used to test the accuracy of the proposed model. The proposed model outperforms comparable models with a similar degree of computational complexity.