Machine learning for intrusion detection in industrial control systems : challenges and lessons from experimental evaluation

M.R., Gauthama Raman and Ahmed, Chuadhry Mujeeb and Mathur, Aditya (2021) Machine learning for intrusion detection in industrial control systems : challenges and lessons from experimental evaluation. Cybersecurity, 4 (1). 27. ISSN 2523-3246 (https://doi.org/10.1186/s42400-021-00095-5)

[thumbnail of Raman-etal-CS-2021-Machine-learning-for-intrusion-detection-in-industrial-control-systems]
Preview
 Text. Filename: Raman_etal_CS_2021_Machine_learning_for_intrusion_detection_in_industrial_control_systems.pdf
Final Published Version
License: Creative Commons Attribution 4.0 logo
Download (1MB)| Preview

Abstract

Abstract: Gradual increase in the number of successful attacks against Industrial Control Systems (ICS) has led to an urgent need to create defense mechanisms for accurate and timely detection of the resulting process anomalies. Towards this end, a class of anomaly detectors, created using data-centric approaches, are gaining attention. Using machine learning algorithms such approaches can automatically learn the process dynamics and control strategies deployed in an ICS. The use of these approaches leads to relatively easier and faster creation of anomaly detectors compared to the use of design-centric approaches that are based on plant physics and design. Despite the advantages, there exist significant challenges and implementation issues in the creation and deployment of detectors generated using machine learning for city-scale plants. In this work, we enumerate and discuss such challenges. Also presented is a series of lessons learned in our attempt to meet these challenges in an operational plant.

ORCID iDs

M.R., Gauthama Raman, Ahmed, Chuadhry Mujeeb ORCID logoORCID: https://orcid.org/0000-0003-3644-0465 and Mathur, Aditya;
CORE (COnnecting REpositories)