Abstract
Worldwide cyber-attacks constantly threaten the security of available infrastructure relying on cyber-physical systems. Infrastructure companies use passive testing approaches such as anomaly-based intrusion detection systems to observe such systems and prevent attacks. However, the effectiveness of intrusion detection systems depends on the underlying models used for detecting attacks and the observations that may suffer from scarce data availability. Hence, we need research on a) passive testing methods for obtaining appropriate detection models and b) for analysing the impact of the scarceness of data for improving intrusion detection systems. In this paper, we contribute to these challenges. We build on former work on supervised intrusion detection of power grid substation SCADA network traffic where a real-world data set (APG data set) is available. In contrast to previous work, we use a semi-supervised model with recurrent neural network architectures (i.e., LSTM Autoencoders and sequence models). This model only considers samples of ordinary data traffic without attacks to learn an adequate detection model. We outline the underlying foundations regarding the machine learning approach used. Furthermore, we present and discuss the obtained experimental results and compare them with prior results on supervised machine learning approaches.
Original language | English |
---|---|
Title of host publication | Proceedings - 4th IEEE International Conference on Artificial Intelligence Testing, AITest 2022 |
Publisher | IEEE Institute of Electrical and Electronics Engineers |
Pages | 42-47 |
Number of pages | 6 |
ISBN (Electronic) | 9781665487375 |
DOIs | |
Publication status | Published - 2022 |
Event | 4th IEEE International Conference on Artificial Intelligence Testing: AITest 2022 - Newark, United States Duration: 15 Aug 2022 → 18 Aug 2022 |
Conference
Conference | 4th IEEE International Conference on Artificial Intelligence Testing |
---|---|
Abbreviated title | AITest 2022 |
Country/Territory | United States |
City | Newark |
Period | 15/08/22 → 18/08/22 |
Keywords
- Anomaly Detection
- Intrusion Detection
- Passive Testing
- Power Grid Substation Networks
- SCADA network traffic
- Security Testing
ASJC Scopus subject areas
- Artificial Intelligence
- Software
- Safety, Risk, Reliability and Quality
- Modelling and Simulation