https://www.mdu.se/

mdh.sePublikasjoner
EnglishSvenskaNorsk
Endre søk
RefereraExporteraLink to record
Permanent link

Direct link
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annet format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annet språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf
Identification of Cyberattacks in Industrial Control Systems
Mälardalens universitet, Akademin för innovation, design och teknik. RISE Research Institute of Sweden, Västerås, Sweden.ORCID-id: 0000-0001-5332-1033
2023 (engelsk)Licentiatavhandling, med artikler (Annet vitenskapelig)
Abstract [en]

As critical infrastructure increasingly relies on Industrial Control Systems (ICS), these systems have become a prime target for cyberattacks. As a result of the move towards Industry 4.0 targets, ICSs are increasingly being connected to the outside world, which makes them even more vulnerable to attacks. To enhance the ICS's security, Intrusion Detection Systems (IDS) are used in detecting and mitigating attacks. However, using real ICS installations for testing IDS can be challenging, as any interference with the ICS could have serious consequences, such as production downtime or compromised safety. Alternatively, ICS testbeds and cybersecurity datasets can be used to analyze, validate, and evaluate the IDS capabilities in a controlled environment. In addition, the complexity of ICSs, combined with the unpredictable and intricate nature of attacks, present a challenge in achieving high detection precision using traditional rule-based models. To tackle this challenge, Machine Learning (ML) have become increasingly attractive for identifying a broader range of attacks.

 

This thesis aims to enhance ICS cybersecurity by addressing the mentioned challenges. We introduce a framework for simulation of virtual ICS security testbeds that can be customized to create extensible, versatile, reproducible, and low-cost ICS testbeds. Using this framework, we create a factory simulation and its ICS to generate an ICS security dataset. We present this dataset as a validation benchmark for intrusion detection methods in ICSs. Finally, we investigate the efficiency and effectiveness of the intrusion detection capabilities of a range of Machine Learning techniques. Our findings show (1) that relying solely on intrusion evidence at a specific moment for intrusion detection can lead to misclassification, as various cyber-attacks may have similar effects at a specific moment, and (2) that AI models that consider the temporal relationship between events are effective in improving the ability to detect attack types.
sted, utgiver, år, opplag, sider
Västerås: Mälardalen University , 2023.
Serie
Mälardalen University Press Licentiate Theses, ISSN 1651-9256 ; 341
HSV kategori
Forskningsprogram
datavetenskap
Identifikatorer
URN: urn:nbn:se:mdh:diva-62403ISBN: 978-91-7485-598-2 (tryckt)OAI: oai:DiVA.org:mdh-62403DiVA, id: diva2:1755154
Presentation
2023-06-16, Beta, Mälardalens universitet, Västerås, 13:15 (engelsk)
Opponent
Veileder
Tilgjengelig fra: 2023-05-09 Laget: 2023-05-05 Sist oppdatert: 2025-10-10bibliografisk kontrollert
Delarbeid
1. Time-series Anomaly Detection and Classification with Long Short-Term Memory Network on Industrial Manufacturing Systems
Åpne denne publikasjonen i ny fane eller vindu >>Time-series Anomaly Detection and Classification with Long Short-Term Memory Network on Industrial Manufacturing Systems
Vise andre…
2023 (engelsk)Rapport (Annet (populærvitenskap, debatt, mm))
HSV kategori
Identifikatorer
urn:nbn:se:mdh:diva-62395 (URN)
Tilgjengelig fra: 2023-05-05 Laget: 2023-05-05 Sist oppdatert: 2025-10-10bibliografisk kontrollert
2. Anomaly Detection Dataset for Industrial Control Systems
Åpne denne publikasjonen i ny fane eller vindu >>Anomaly Detection Dataset for Industrial Control Systems
(engelsk)Manuskript (preprint) (Annet vitenskapelig)
HSV kategori
Identifikatorer
urn:nbn:se:mdh:diva-62392 (URN)
Tilgjengelig fra: 2023-05-05 Laget: 2023-05-05 Sist oppdatert: 2025-10-10bibliografisk kontrollert
3. ICSSIM — A framework for building industrial control systems security testbeds
Åpne denne publikasjonen i ny fane eller vindu >>ICSSIM — A framework for building industrial control systems security testbeds
Vise andre…
2023 (engelsk)Inngår i: Computers in industry (Print), ISSN 0166-3615, E-ISSN 1872-6194, Vol. 148, artikkel-id 103906Artikkel i tidsskrift (Fagfellevurdert) Published
Abstract [en]

With the advent of the smart industry, Industrial Control Systems (ICS) moved from isolated environments to connected platforms to meet Industry 4.0 targets. The inherent connectivity in these services exposes such systems to increased cybersecurity risks. To protect ICSs against cyberattacks, intrusion detection systems (IDS) empowered by machine learning are used to detect abnormal behavior of the systems. Operational ICSs are not safe environments to research IDSs due to the possibility of catastrophic risks. Therefore, realistic ICS testbeds enable researchers to analyze and validate their IDSs in a controlled environment. Although various ICS testbeds have been developed, researchers' access to a low-cost, extendable, and customizable testbed that can accurately simulate ICSs and suits security research is still an important issue.

In this paper, we present ICSSIM, a framework for building customized virtual ICS security testbeds in which various cyber threats and network attacks can be effectively and efficiently investigated. This framework contains base classes to simulate control system components and communications. Simulated components are deployable on actual hardware such as Raspberry Pis, containerized environments like Docker, and simulation environments such as GNS-3. ICSSIM also offers physical process modeling using software and hardware in the loop simulation. This framework reduces the time for developing ICS components and aims to produce extendable, versatile, reproducible, low-cost, and comprehensive ICS testbeds with realistic details and high fidelity. We demonstrate ICSSIM by creating a testbed and validating its functionality by showing how different cyberattacks can be applied.
sted, utgiver, år, opplag, sider
Elsevier BV, 2023
Emneord
Cybersecurity, Industrial Control System, Testbed, Network Emulation, Cyberattack
HSV kategori
Forskningsprogram
datavetenskap
Identifikatorer
urn:nbn:se:mdh:diva-62321 (URN)10.1016/j.compind.2023.103906 (DOI)000966310200001 ()2-s2.0-85151016386 (Scopus ID)
Tilgjengelig fra: 2023-04-24 Laget: 2023-04-24 Sist oppdatert: 2026-06-12bibliografisk kontrollert
4. Digital Twin-based Intrusion Detection for Industrial Control Systems
Åpne denne publikasjonen i ny fane eller vindu >>Digital Twin-based Intrusion Detection for Industrial Control Systems
Vise andre…
2022 (engelsk)Konferansepaper, Publicerat paper (Fagfellevurdert)
sted, utgiver, år, opplag, sider
Institute of Electrical and Electronics Engineers (IEEE), 2022
HSV kategori
Identifikatorer
urn:nbn:se:mdh:diva-62399 (URN)10.1109/PerComWorkshops53856.2022.9767492 (DOI)000821801200128 ()2-s2.0-85130615468 (Scopus ID)9781665416474 (ISBN)
Konferanse
IEEE Annual Conference on Pervasive Computing and Communications Workshops (PerCom)
Tilgjengelig fra: 2023-05-05 Laget: 2023-05-05 Sist oppdatert: 2026-06-15bibliografisk kontrollert

Open Access i DiVA

fulltext(618 kB)859 nedlastinger
Filinformasjon
Fil FULLTEXT02.pdfFilstørrelse 618 kBChecksum SHA-512
6116466f79eee1395b03cbe199d9308a67f6ae1a95391b0433d4c4b51f6e24b3f91e9d7767aadd05fe0b15e1c8d09ed6e9a174737744010fea670b81132d56bf
Type fulltextMimetype application/pdf

Person

Dehlaghi-Ghadim, Alireza

Søk i DiVA

Av forfatter/redaktør
Dehlaghi-Ghadim, Alireza
Av organisasjonen

Søk utenfor DiVA

GoogleGoogle Scholar
Totalt: 865 nedlastinger
Antall nedlastinger er summen av alle nedlastinger av alle fulltekster. Det kan for eksempel være tidligere versjoner som er ikke lenger tilgjengelige

isbn
urn-nbn

Altmetric

isbn
urn-nbn
Totalt: 2102 treff
RefereraExporteraLink to record
Permanent link

Direct link
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annet format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annet språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf
v. 2.47.0
|
WCAG
|
Mälardalens universitetsbibliotek
|
DiVA Logga in