Loading...

Deep Learning-Based Intrusion Detection Systems in Industrial Control Systems

Amir Hossein Salehi | 2023

38 Viewed
  1. Type of Document: M.Sc. Thesis
  2. Language: Farsi
  3. Document No: 56786 (05)
  4. University: Sharif University of Technology
  5. Department: Electrical Engineering
  6. Advisor(s): Aref, Mohammad Reza; Ahmadi, Siavash
  7. Abstract:
  8. With the spread of threats against industrial control systems, preserving the security of these systems faces serious challenges. On the other hand, with the increase of communication between industrial control networks and external communication networks, the entry points of these networks have also increased and this exposes them to IP network threats. Beside that, traditional attacks on these systems, which generally occur by infiltrating the internal network, are also constantly changing and becoming more complex. These attacks mainly have a phase of hiding the attack from the monitoring systems, which eliminates the possibility of identifying the attacker's operations to a great extent by forging and imitating the normal behavior of the system, and therefore it will be very difficult to detect them using common methods. This issue shows the need for an independent and centralized solution that has the ability to analyze traffic or network behavior in certain time intervals while being able to monitor all network processes. Now, the solution considered for this purpose is to use up-to-date intrusion detection systems. In addition to the ability to constantly monitor and analyze the network, the mentioned system should be able to be updated in certain time intervals by adapting to new threats and the new behavior of the industrial control network. In this thesis, two approaches based on artificial intelligence have been used to design our intrusion detection system. The first approach is a semi-supervised system based on a stacked deep autoencoder in combination with a classifier neural network, which has many advantages for use in industrial control networks. The second proposed approach is an unsupervised system based on a combination of different deep-learning based and basical models designed for online detection of cyber attacks. Lightness of two systems in comparison with other schemes is considered an important advantage in some practical applications. In addition, two proposed systems have the ability to potentially detect zero-day attacks due to its flexible architecture. The experimental results of the implementation of the proposed approaches indicate the superiority of our system in terms of various accuracy evaluation metrics, in comparison with previous designs, which guarantees the efficiency of our systems in practical applications
  9. Keywords:
  10. Industrial Control System ; Artificial Intelligence ; Intrusion Detection System ; Autoencoder ; Online Detection ; Zero-Day Attacks

 Digital Object List

 Bookmark

No TOC