Flow-Based Intrusion Detection for SCADA networks using Supervised Learning
Authors: Gabriela Vasquez, R. S. Miani, B. B. Zarpelão
Published in: Anais do XVII Simpósio Brasileiro de Segurança da Informação e de Sistemas Computacionais (SBSeg 2017)
Publication date: 2017-11-06
DOI: 10.5753/sbseg.2017.19498 (https://doi.org/10.5753/sbseg.2017.19498)
Recent attacks on industrial networks have raised the question of their protection, given the importance of the equipment that they control. In this paper, we address the application of Machine Learning (ML) algorithms to build an Intrusion Detection System (IDS) for these networks. As network traffic usually has far fewer malicious packets than normal ones, intrusion detection problems have class imbalance as a key characteristic, which can be a challenge for ML algorithms. Therefore, we study the performance of nine different ML algorithms in classifying IP flows of an industrial network, analyzing the impact of class imbalance on the results. The algorithms were evaluated using the F1-Score and Averaged Accuracy as the main metrics. Our experiments showed that the three algorithms based on decision trees were superior to the others. In particular, the Decision Jungle algorithm outperformed all the others.