嘉宾评论:用于安全网络物理工业控制系统的机器学习

IF 1.7 Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS
Shichao Liu, Ligang Wu, Jose Ignacio Leon, Bo Chen
{"title":"嘉宾评论:用于安全网络物理工业控制系统的机器学习","authors":"Shichao Liu,&nbsp;Ligang Wu,&nbsp;Jose Ignacio Leon,&nbsp;Bo Chen","doi":"10.1049/cps2.12029","DOIUrl":null,"url":null,"abstract":"<p>Information and communication technologies have increasingly been used to support the exchange of measurements and control signals in industrial control systems, making them important applications of cyber-physical industrial control systems (CPICSs) such as electrical power systems and intelligent transportation systems. While the communication infrastructure significantly facilitates the transmission of vast amounts of data over wide geographical areas, it makes CPICSs vulnerable to cyber-attacks; protecting CPICSs of critical infrastructures from cyber-attacks is crucial and challenging. In order to secure CPICSs, a variety of open challenges need to be tackled, including cyber-physical system modelling approaches, advanced intrusion detection systems, and resilient estimation and control methods. Machine learning (ML) and its emerging algorithms offer the potential of dealing with large-scale data analysis, data processing and decision-making in the security of CPICSs.</p><p>This special issue publishes state-of-the-art ML-based solutions for the open challenges in securing CPICSs of critical infrastructures.</p><p>When modelling cyber-attacks in CPICSs, most of existing works consider using external disturbances, which follow certain assumptions. While it is not sufficient to model cyber-attacks simply as disturbances, the paper ‘Game theoretic vulnerability management for secondary frequency control of islanded microgrids against false data injection (FDI) attacks’ by S. Liu et al. considers the dynamic interaction between the smart attacker (the spoofer) and the defender the microgrid control centre (MGCC). The authors propose a stochastic game between the MGCC and the attacker for enhancing the vulnerability of the MGCC to FDI attack (wireless spoof attack).</p><p>As communication networks are implemented for information exchange between the master and slave sides of bilateral teleoperation systems, they are also exposed to cyber-attack threats. The paper ‘Mode-dependent switching control of bilateral teleoperation against random denial-of-service attacks’ by L. Hu et al. analyses the performance of bilateral teleoperation systems in the presence of random denial-of-service (DoS) attacks and constant transmission delays and proposes a mode-dependent switching controller to mitigate the influence of DoS attacks.</p><p>While machine-learning algorithms are helpful in identifying cyber-attacks such as network intrusion, common network intrusion datasets are negatively affected by class imbalance; the normal traffic behaviour constitutes most of the dataset, whereas intrusion traffic behaviour forms a significantly smaller portion. The paper ‘Network intrusion detection using ML approaches: Addressing data imbalance’ by R. Ahsan et al. conducts a comparative evaluation on the impact of data imbalance of various ML algorithms and presents a hybrid voting classifier to improve the results.</p><p>To improve the anomaly detection performance when imbalanced datasets are used, the paper ‘A comparative analysis of CGAN-based oversampling for anomaly detection’ by R. Ahsan et al. proposes a CGAN-based anomaly detection solution by taking both data-level and algorithm-level structures into considerations.</p><p>The papers selected for this Special Issue cover a diversity of ML-based solutions for securing CPICSs, such as cyber-physical energy systems and tele-robotic systems. Furthermore, novel solutions for the data imbalance challenge in cyber-layer intrusion detection systems are highlighted in this issue. In future, ML and reinforcement learning algorithms may attract significant interests in tackling challenges in large-scale data analysis, data processing and decision-making involved in the security of CPICSs.</p>","PeriodicalId":36881,"journal":{"name":"IET Cyber-Physical Systems: Theory and Applications","volume":null,"pages":null},"PeriodicalIF":1.7000,"publicationDate":"2022-02-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ietresearch.onlinelibrary.wiley.com/doi/epdf/10.1049/cps2.12029","citationCount":"0","resultStr":"{\"title\":\"Guest editorial: Machine learning for secure cyber-physical industrial control systems\",\"authors\":\"Shichao Liu,&nbsp;Ligang Wu,&nbsp;Jose Ignacio Leon,&nbsp;Bo Chen\",\"doi\":\"10.1049/cps2.12029\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<p>Information and communication technologies have increasingly been used to support the exchange of measurements and control signals in industrial control systems, making them important applications of cyber-physical industrial control systems (CPICSs) such as electrical power systems and intelligent transportation systems. While the communication infrastructure significantly facilitates the transmission of vast amounts of data over wide geographical areas, it makes CPICSs vulnerable to cyber-attacks; protecting CPICSs of critical infrastructures from cyber-attacks is crucial and challenging. In order to secure CPICSs, a variety of open challenges need to be tackled, including cyber-physical system modelling approaches, advanced intrusion detection systems, and resilient estimation and control methods. Machine learning (ML) and its emerging algorithms offer the potential of dealing with large-scale data analysis, data processing and decision-making in the security of CPICSs.</p><p>This special issue publishes state-of-the-art ML-based solutions for the open challenges in securing CPICSs of critical infrastructures.</p><p>When modelling cyber-attacks in CPICSs, most of existing works consider using external disturbances, which follow certain assumptions. While it is not sufficient to model cyber-attacks simply as disturbances, the paper ‘Game theoretic vulnerability management for secondary frequency control of islanded microgrids against false data injection (FDI) attacks’ by S. Liu et al. considers the dynamic interaction between the smart attacker (the spoofer) and the defender the microgrid control centre (MGCC). The authors propose a stochastic game between the MGCC and the attacker for enhancing the vulnerability of the MGCC to FDI attack (wireless spoof attack).</p><p>As communication networks are implemented for information exchange between the master and slave sides of bilateral teleoperation systems, they are also exposed to cyber-attack threats. The paper ‘Mode-dependent switching control of bilateral teleoperation against random denial-of-service attacks’ by L. Hu et al. analyses the performance of bilateral teleoperation systems in the presence of random denial-of-service (DoS) attacks and constant transmission delays and proposes a mode-dependent switching controller to mitigate the influence of DoS attacks.</p><p>While machine-learning algorithms are helpful in identifying cyber-attacks such as network intrusion, common network intrusion datasets are negatively affected by class imbalance; the normal traffic behaviour constitutes most of the dataset, whereas intrusion traffic behaviour forms a significantly smaller portion. The paper ‘Network intrusion detection using ML approaches: Addressing data imbalance’ by R. Ahsan et al. conducts a comparative evaluation on the impact of data imbalance of various ML algorithms and presents a hybrid voting classifier to improve the results.</p><p>To improve the anomaly detection performance when imbalanced datasets are used, the paper ‘A comparative analysis of CGAN-based oversampling for anomaly detection’ by R. Ahsan et al. proposes a CGAN-based anomaly detection solution by taking both data-level and algorithm-level structures into considerations.</p><p>The papers selected for this Special Issue cover a diversity of ML-based solutions for securing CPICSs, such as cyber-physical energy systems and tele-robotic systems. Furthermore, novel solutions for the data imbalance challenge in cyber-layer intrusion detection systems are highlighted in this issue. In future, ML and reinforcement learning algorithms may attract significant interests in tackling challenges in large-scale data analysis, data processing and decision-making involved in the security of CPICSs.</p>\",\"PeriodicalId\":36881,\"journal\":{\"name\":\"IET Cyber-Physical Systems: Theory and Applications\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":1.7000,\"publicationDate\":\"2022-02-23\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"https://ietresearch.onlinelibrary.wiley.com/doi/epdf/10.1049/cps2.12029\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"IET Cyber-Physical Systems: Theory and Applications\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://onlinelibrary.wiley.com/doi/10.1049/cps2.12029\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q3\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"IET Cyber-Physical Systems: Theory and Applications","FirstCategoryId":"1085","ListUrlMain":"https://onlinelibrary.wiley.com/doi/10.1049/cps2.12029","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0

摘要

信息和通信技术越来越多地用于支持工业控制系统中测量和控制信号的交换,使其成为电力系统和智能交通系统等网络物理工业控制系统(cpics)的重要应用。虽然通信基础设施极大地促进了在广泛地理区域内传输大量数据,但它使ccics容易受到网络攻击;保护关键基础设施的cpcs免受网络攻击是至关重要且具有挑战性的。为了确保cpics的安全,需要解决各种开放的挑战,包括网络物理系统建模方法,先进的入侵检测系统以及弹性估计和控制方法。机器学习(ML)及其新兴算法为cpics的安全性提供了处理大规模数据分析、数据处理和决策的潜力。本期特刊发布了最先进的基于ml的解决方案,以应对关键基础设施ccics安全方面的公开挑战。在对cpics中的网络攻击进行建模时,大多数现有工作都考虑使用外部干扰,这些干扰遵循一定的假设。虽然将网络攻击简单地建模为干扰是不够的,但S. Liu等人的论文“孤岛微电网二次频率控制对抗虚假数据注入(FDI)攻击的博弈论漏洞管理”考虑了智能攻击者(欺骗者)和防御者微电网控制中心(MGCC)之间的动态交互。为了提高MGCC对FDI攻击(无线欺骗攻击)的脆弱性,作者提出了MGCC与攻击者之间的随机博弈。由于通信网络是用于双边远程操作系统主从端信息交换的,因此也容易受到网络攻击的威胁。L. Hu等人的论文《针对随机拒绝服务攻击的双边远程操作模式依赖切换控制》分析了随机拒绝服务(DoS)攻击和持续传输延迟情况下双边远程操作系统的性能,并提出了一种模式依赖切换控制器来减轻DoS攻击的影响。虽然机器学习算法有助于识别网络入侵等网络攻击,但常见的网络入侵数据集受到类不平衡的负面影响;正常的流量行为构成了数据集的大部分,而入侵流量行为构成了数据集的一小部分。R. Ahsan等人的论文“使用ML方法的网络入侵检测:解决数据不平衡”对各种ML算法的数据不平衡影响进行了比较评估,并提出了一种混合投票分类器来改进结果。为了提高使用不平衡数据集时的异常检测性能,R. Ahsan等人的论文“基于cgan的过采样异常检测的比较分析”提出了一种基于cgan的异常检测解决方案,同时考虑了数据级和算法级结构。本期特刊精选的论文涵盖了各种基于机器学习的cpics安全解决方案,如网络物理能源系统和远程机器人系统。此外,本文还针对网络层入侵检测系统中数据不平衡问题提出了新的解决方案。未来,机器学习和强化学习算法可能会在解决涉及cpics安全性的大规模数据分析、数据处理和决策方面的挑战方面引起人们的极大兴趣。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
Guest editorial: Machine learning for secure cyber-physical industrial control systems

Information and communication technologies have increasingly been used to support the exchange of measurements and control signals in industrial control systems, making them important applications of cyber-physical industrial control systems (CPICSs) such as electrical power systems and intelligent transportation systems. While the communication infrastructure significantly facilitates the transmission of vast amounts of data over wide geographical areas, it makes CPICSs vulnerable to cyber-attacks; protecting CPICSs of critical infrastructures from cyber-attacks is crucial and challenging. In order to secure CPICSs, a variety of open challenges need to be tackled, including cyber-physical system modelling approaches, advanced intrusion detection systems, and resilient estimation and control methods. Machine learning (ML) and its emerging algorithms offer the potential of dealing with large-scale data analysis, data processing and decision-making in the security of CPICSs.

This special issue publishes state-of-the-art ML-based solutions for the open challenges in securing CPICSs of critical infrastructures.

When modelling cyber-attacks in CPICSs, most of existing works consider using external disturbances, which follow certain assumptions. While it is not sufficient to model cyber-attacks simply as disturbances, the paper ‘Game theoretic vulnerability management for secondary frequency control of islanded microgrids against false data injection (FDI) attacks’ by S. Liu et al. considers the dynamic interaction between the smart attacker (the spoofer) and the defender the microgrid control centre (MGCC). The authors propose a stochastic game between the MGCC and the attacker for enhancing the vulnerability of the MGCC to FDI attack (wireless spoof attack).

As communication networks are implemented for information exchange between the master and slave sides of bilateral teleoperation systems, they are also exposed to cyber-attack threats. The paper ‘Mode-dependent switching control of bilateral teleoperation against random denial-of-service attacks’ by L. Hu et al. analyses the performance of bilateral teleoperation systems in the presence of random denial-of-service (DoS) attacks and constant transmission delays and proposes a mode-dependent switching controller to mitigate the influence of DoS attacks.

While machine-learning algorithms are helpful in identifying cyber-attacks such as network intrusion, common network intrusion datasets are negatively affected by class imbalance; the normal traffic behaviour constitutes most of the dataset, whereas intrusion traffic behaviour forms a significantly smaller portion. The paper ‘Network intrusion detection using ML approaches: Addressing data imbalance’ by R. Ahsan et al. conducts a comparative evaluation on the impact of data imbalance of various ML algorithms and presents a hybrid voting classifier to improve the results.

To improve the anomaly detection performance when imbalanced datasets are used, the paper ‘A comparative analysis of CGAN-based oversampling for anomaly detection’ by R. Ahsan et al. proposes a CGAN-based anomaly detection solution by taking both data-level and algorithm-level structures into considerations.

The papers selected for this Special Issue cover a diversity of ML-based solutions for securing CPICSs, such as cyber-physical energy systems and tele-robotic systems. Furthermore, novel solutions for the data imbalance challenge in cyber-layer intrusion detection systems are highlighted in this issue. In future, ML and reinforcement learning algorithms may attract significant interests in tackling challenges in large-scale data analysis, data processing and decision-making involved in the security of CPICSs.

求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
IET Cyber-Physical Systems: Theory and Applications
IET Cyber-Physical Systems: Theory and Applications Computer Science-Computer Networks and Communications
CiteScore
5.40
自引率
6.70%
发文量
17
审稿时长
19 weeks
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信