SteelEye: An Application-Layer Attack Detection and Attribution Model in Industrial Control Systems using Semi-Deep Learning

Sanaz Nakhodchi, Behrouz Zolfaghari, Abbas Yazdinejad, Ali Dehghantanha

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

1 Citation (Scopus)

Abstract

The security of Industrial Control Systems is of high importance as they play a critical role in uninterrupted services provided by Critical Infrastructure operators. Due to a large number of devices and their geographical distribution, Industrial Control Systems need efficient automatic cyber-attack detection and attribution methods, which suggests AI-based approaches. This paper proposes a model called SteelEye based on Semi-Deep Learning for accurate detection and attribution of cyber-attacks at the application layer in industrial control systems. The proposed model depends on Bag of Features for accurate detection of cyber-attacks and utilizes Categorical Boosting as the base predictor for attack attribution. Empirical results demonstrate that SteelEye remarkably outperforms state-of-the-art cyber-attack detection and attribution methods in terms of accuracy, precision, recall, and F1-score.

Original language: English
Title of host publication: 2021 18th International Conference on Privacy, Security and Trust, PST 2021
Publisher: Institute of Electrical and Electronics Engineers Inc.
ISBN (Electronic): 9781665401845
Publication status: Published - 2021
Externally published: Yes
Event: 18th International Conference on Privacy, Security and Trust, PST 2021 - Auckland, New Zealand
Duration: 2021 Dec 13 to 2021 Dec 15

Publication series

Name: 2021 18th International Conference on Privacy, Security and Trust, PST 2021

Conference

Conference: 18th International Conference on Privacy, Security and Trust, PST 2021
Country/Territory: New Zealand
City: Auckland
Period: 21/12/13 to 21/12/15

Keywords

  • Attack Attribution
  • Attack Detection
  • BoF
  • Categorical Boosting
  • Industrial Control System
  • Semi-Deep learning

ASJC Scopus subject areas

  • Information Systems
  • Information Systems and Management
  • Safety, Risk, Reliability and Quality
  • Instrumentation
