dc.title | Anomaly detection system based on classifier fusion in ICS environment | en |
dc.contributor.author | Vávra, Jan | |
dc.contributor.author | Hromada, Martin | |
dc.relation.ispartof | Proceedings - 2017 International Conference on Soft Computing, Intelligent System and Information Technology: Building Intelligence Through IOT and Big Data, ICSIIT 2017 | |
dc.identifier.isbn | 978-1-4673-9899-2 | |
dc.date.issued | 2017 | |
utb.relation.volume | 2018-January | |
dc.citation.spage | 32 | |
dc.citation.epage | 38 | |
dc.event.title | 5th International Conference on Soft Computing, Intelligent System and Information Technology, ICSIIT 2017 | |
dc.event.location | Petra Christian Univ | |
utb.event.state-en | Informat dept | |
dc.event.sdate | 2017-09-26 | |
dc.event.edate | 2017-09-29 | |
dc.type | conferenceObject | |
dc.language.iso | en | |
dc.publisher | Institute of Electrical and Electronics Engineers (IEEE) | |
dc.identifier.doi | 10.1109/ICSIIT.2017.35 | |
dc.relation.uri | https://ieeexplore.ieee.org/abstract/document/8262539/ | |
dc.subject | Classifier | en |
dc.subject | industrial control system | en |
dc.subject | cyber security | en |
dc.subject | anomaly detection | en |
dc.description.abstract | The detection of cyber-attacks has become a crucial task for highly sophisticated systems like industrial control systems (ICS). These systems are an essential part of critical information infrastructure. Therefore, we can highlight their vital role in contemporary society. The effective and reliable ICS cyber defense is a significant challenge for the cyber security community. Thus, intrusion detection is one of the demanding tasks for the cyber security researchers. In this article, we examine the classification problem. The proposed detection system is based on supervised anomaly detection techniques. Moreover, we utilized classifier algorithms in order to increase intrusion detection capabilities. The fusion of the classifiers is the way to achieve the predefined goal. | en |
utb.faculty | Faculty of Applied Informatics | |
dc.identifier.uri | http://hdl.handle.net/10563/1007870 | |
utb.identifier.obdid | 43876936 | |
utb.identifier.scopus | 2-s2.0-85049330863 | |
utb.identifier.wok | 000428025400007 | |
utb.source | d-wok | |
dc.date.accessioned | 2018-04-23T15:01:49Z | |
dc.date.available | 2018-04-23T15:01:49Z | |
dc.description.sponsorship | Internal Grant Agency [IGA/FAI/2017/003]; Ministry of the Interior of the Czech Republic; Ministry of Education, Youth and Sports of the Czech Republic [LO1303 (MSMT-7778/2014)]; European Regional Development Fund under the project CEBIA-Tech [CZ.1.05/2.1.00/03.0089]; [VI20152019049]; [VI20172019054] | |
utb.contributor.internalauthor | Vávra, Jan | |
utb.contributor.internalauthor | Hromada, Martin | |
utb.fulltext.affiliation | Jan Vávra, Martin Hromada Department of Security Engineering Tomas Bata University in Zlín Zlín, Czech Republic jvavra@fai.utb.cz, hromada@fai.utb.cz | |
utb.fulltext.dates | - | |
utb.fulltext.sponsorship | This work was funded by the Internal Grant Agency (IGA/FAI/2017/003) and supported by the project ev. no. VI20152019049 "RESILIENCE 2015: Dynamic Resilience Evaluation of Interrelated Critical Infrastructure Subsystems", supported by the Ministry of the Interior of the Czech Republic in the years 2015-2019 and also supported by the research project VI20172019054 "An analytical software module for the real-time resilience evaluation from point of the converged security", supported by the Ministry of the Interior of the Czech Republic in the years 2017-2019. Moreover, this work was supported by the Ministry of Education, Youth and Sports of the Czech Republic within the National Sustainability Programme project No. LO1303 (MSMT-7778/2014) and also by the European Regional Development Fund under the project CEBIA-Tech No. CZ.1.05/2.1.00/03.0089. Finally, we thank our colleagues from Mississippi State University and Oak Ridge National Laboratory which provide SCADA datasets. | |
utb.wos.affiliation | [Vavra, Jan; Hromada, Martin] Tomas Bata Univ Zlin, Dept Secur Engn, Zlin, Czech Republic | |
utb.fulltext.projects | IGA/FAI/2017/003 | |
utb.fulltext.projects | VI20152019049 | |
utb.fulltext.projects | VI20172019054 | |
utb.fulltext.projects | LO1303 (MSMT-7778/2014) | |
utb.fulltext.projects | CZ.1.05/2.1.00/03.0089 |