Open Access iconOpen Access

ARTICLE

crossmark

Industrial Datasets with ICS Testbed and Attack Detection Using Machine Learning Techniques

Sinil Mubarak1, Mohamed Hadi Habaebi1,*, Md Rafiqul Islam1, Asaad Balla1, Mohammad Tahir2, Elfatih A. A. Elsheikh3, F. M. Suliman3

1 IoT & Wireless Communication Protocols Lab, International Islamic University Malaysia, Selangor, 53100, Malaysia
2 Sunway University, Selangor, 47500, Malaysia
3 Department of Electrical Engineering, College of Engineering, King Khalid University, Abha, 61421, Saudi Arabia

* Corresponding Author: Mohamed Hadi Habaebi. Email: email

Intelligent Automation & Soft Computing 2022, 31(3), 1345-1360. https://doi.org/10.32604/iasc.2022.020801

Abstract

Industrial control systems (ICS) are the backbone for the implementation of cybersecurity solutions. They are susceptible to various attacks, due to openness in connectivity, unauthorized attempts, malicious attacks, use of more commercial off the shelf (COTS) software and hardware, and implementation of Internet protocols (IP) that exposes them to the outside world. Cybersecurity solutions for Information technology (IT) secured with firewalls, intrusion detection/protection systems do nothing much for Operational technology (OT) ICS. An innovative concept of using real operational technology network traffic-based testbed, for cyber-physical system simulation and analysis, is presented. The testbed is equipped with real-time attacks using in-house penetration test tool with reconnaissance, interception, and firmware analysis scenarios. The test cases with different real-time hacking scenarios are implemented with the ICS cyber test kit, and its industrial datasets are captured which can be utilized for Deep packet inspection (DPI). The DPI provides more visibility into the contents of OT network traffic based on OT protocols. The Machine learning (ML) techniques are deployed for cyber-attack detection of datasets from the cyber kit. The performance metrics such as accuracy, precision, recall, F1 score are evaluated and cross validated for different ML algorithms for anomaly detection. The decision tree (DT) ML technique is optimized with pruning method which provides an attack detection accuracy of 96.5%. The deep learning (DL) techniques has been used recently for enhanced OT intrusion detection performances.

Keywords


Cite This Article

APA Style
Mubarak, S., Habaebi, M.H., Islam, M.R., Balla, A., Tahir, M. et al. (2022). Industrial datasets with ICS testbed and attack detection using machine learning techniques. Intelligent Automation & Soft Computing, 31(3), 1345-1360. https://doi.org/10.32604/iasc.2022.020801
Vancouver Style
Mubarak S, Habaebi MH, Islam MR, Balla A, Tahir M, Elsheikh EAA, et al. Industrial datasets with ICS testbed and attack detection using machine learning techniques. Intell Automat Soft Comput . 2022;31(3):1345-1360 https://doi.org/10.32604/iasc.2022.020801
IEEE Style
S. Mubarak et al., “Industrial Datasets with ICS Testbed and Attack Detection Using Machine Learning Techniques,” Intell. Automat. Soft Comput. , vol. 31, no. 3, pp. 1345-1360, 2022. https://doi.org/10.32604/iasc.2022.020801



cc Copyright © 2022 The Author(s). Published by Tech Science Press.
This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
  • 2977

    View

  • 1440

    Download

  • 0

    Like

Share Link