TBU Publications
Repository of TBU Publications

Anomaly detection system based on classifier fusion in ICS environment


dc.title Anomaly detection system based on classifier fusion in ICS environment en
dc.contributor.author Vávra, Jan
dc.contributor.author Hromada, Martin
dc.relation.ispartof Proceedings - 2017 International Conference on Soft Computing, Intelligent System and Information Technology: Building Intelligence Through IOT and Big Data, ICSIIT 2017
dc.identifier.isbn 9781467398992
dc.date.issued 2017
utb.relation.volume 2018-January
dc.citation.spage 32
dc.citation.epage 38
dc.event.title 5th International Conference on Soft Computing, Intelligent System and Information Technology, ICSIIT 2017
dc.event.location Petra Christian Univ
utb.event.state-en Informat dept
dc.event.sdate 2017-09-26
dc.event.edate 2017-09-29
dc.type conferenceObject
dc.language.iso en
dc.publisher Institute of Electrical and Electronics Engineers (IEEE)
dc.identifier.doi 10.1109/ICSIIT.2017.35
dc.relation.uri https://ieeexplore.ieee.org/abstract/document/8262539/
dc.subject Classifier en
dc.subject industrial control system en
dc.subject cyber security en
dc.subject anomaly detection en
dc.description.abstract The detection of cyber-attacks has become a crucial task for highly sophisticated systems like industrial control systems (ICS). These systems are an essential part of critical information infrastructure. Therefore, we can highlight their vital role in contemporary society. Effective and reliable ICS cyber defense is a significant challenge for the cyber security community. Thus, intrusion detection is one of the demanding tasks for cyber security researchers. In this article, we examine the classification problem. The proposed detection system is based on supervised anomaly detection techniques. Moreover, we utilized classifier algorithms in order to increase intrusion detection capabilities. The fusion of the classifiers is the way to achieve the predefined goal. en
utb.faculty Faculty of Applied Informatics
dc.identifier.uri http://hdl.handle.net/10563/1007870
utb.identifier.obdid 43876936
utb.identifier.scopus 2-s2.0-85049330863
utb.identifier.wok 000428025400007
utb.source d-wok
dc.date.accessioned 2018-04-23T15:01:49Z
dc.date.available 2018-04-23T15:01:49Z
dc.description.sponsorship Internal Grant Agency [IGA/FAI/2017/003]; Ministry of the Interior of the Czech Republic; Ministry of Education, Youth and Sports of the Czech Republic [LO1303 (MSMT-7778/2014)]; European Regional Development Fund under the project CEBIA-Tech [CZ.1.05/2.1.00/03.0089]; [VI20152019049]; [VI20172019054]
utb.contributor.internalauthor Vávra, Jan
utb.contributor.internalauthor Hromada, Martin
utb.fulltext.affiliation Jan Vávra, Martin Hromada Department of Security Engineering Tomas Bata University in Zlín Zlín, Czech Republic jvavra@fai.utb.cz, hromada@fai.utb.cz
utb.fulltext.dates -
utb.fulltext.sponsorship This work was funded by the Internal Grant Agency (IGA/FAI/2017/003) and supported by the project ev. no. VI20152019049 "RESILIENCE 2015: Dynamic Resilience Evaluation of Interrelated Critical Infrastructure Subsystems", supported by the Ministry of the Interior of the Czech Republic in the years 2015-2019 and also supported by the research project VI20172019054 "An analytical software module for the real-time resilience evaluation from point of the converged security", supported by the Ministry of the Interior of the Czech Republic in the years 2017-2019. Moreover, this work was supported by the Ministry of Education, Youth and Sports of the Czech Republic within the National Sustainability Programme project No. LO1303 (MSMT-7778/2014) and also by the European Regional Development Fund under the project CEBIA-Tech No. CZ.1.05/2.1.00/03.0089. Finally, we thank our colleagues from Mississippi State University and Oak Ridge National Laboratory which provides SCADA datasets.
utb.wos.affiliation [Vavra, Jan; Hromada, Martin] Tomas Bata Univ Zlin, Dept Secur Engn, Zlin, Czech Republic