IDEAS home Printed from https://ideas.repec.org/a/eee/ijocip/v38y2022ics1874548222000300.html
   My bibliography  Save this article

Cyber-attacks detection in industrial systems using artificial intelligence-driven methods

Author

Listed:
  • Wang, Wu
  • Harrou, Fouzi
  • Bouyeddou, Benamar
  • Senouci, Sidi-Mohammed
  • Sun, Ying

Abstract

Modern industrial systems and critical infrastructures are constantly exposed to malicious cyber-attacks that are challenging and difficult to identify. Cyber-attacks can cause severe economic losses and damage the attacked system if not detected accurately and timely. Therefore, designing an accurate and sensitive intrusion detection system is undoubtedly necessary to ensure the productivity and safety of industrial systems against cyber-attacks. This paper first introduces a stacked deep learning method to detect malicious attacks in SCADA systems. We also consider eleven machine learning models, including the Xtreme Gradient Boosting (XGBoost), Random forest, Bagging, support vector machines with different kernels, classification tree pruned by the minimum cross-validation and by 1-standard error rule, linear discriminate analysis, conditional inference tree, and the C5.0 tree. Real data sets with different kinds of cyber-attacks from two laboratory-scale SCADA systems, gas pipeline and water storage tank systems, are employed to evaluate the performance of the investigated methods. Seven evaluation metrics have been used to compare the investigated models (accuracy, sensitivity, specificity, precision, recall, F1-score, and area under curve, or AUC). Overall, results show that the XGBoost approach achieved superior detection performance than all other investigated methods. This could be due to its desirable characteristics to avoid overfitting, decreases the complexity of individual trees, robustness to outliers, and invariance to scaling and monotonic transformations of the features. Unexpectedly, the deep learning models are not providing the best performance in this case study, even with their extended capacity to capture complex features interactions.

Suggested Citation

  • Wang, Wu & Harrou, Fouzi & Bouyeddou, Benamar & Senouci, Sidi-Mohammed & Sun, Ying, 2022. "Cyber-attacks detection in industrial systems using artificial intelligence-driven methods," International Journal of Critical Infrastructure Protection, Elsevier, vol. 38(C).
    • Handle: RePEc:eee:ijocip:v:38:y:2022:i:c:s1874548222000300
    DOI: 10.1016/j.ijcip.2022.100542
    as

    Download full text from publisher

    File URL: http://www.sciencedirect.com/science/article/pii/S1874548222000300
    Download Restriction: Full text for ScienceDirect subscribers only
    File URL: https://libkey.io/10.1016/j.ijcip.2022.100542?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    As the access to this document is restricted, you may want to search for a different version of it.

    References listed on IDEAS

    as
    1. Wright, Marvin N. & Ziegler, Andreas, 2017. "ranger: A Fast Implementation of Random Forests for High Dimensional Data in C++ and R," Journal of Statistical Software, Foundation for Open Access Statistics, vol. 77(i01).
    2. Abou el Kalam, Anas, 2021. "Securing SCADA and critical industrial systems: From needs to security mechanisms," International Journal of Critical Infrastructure Protection, Elsevier, vol. 32(C).
    3. Erez, Noam & Wool, Avishai, 2015. "Control variable classification, modeling and anomaly detection in Modbus/TCP SCADA systems," International Journal of Critical Infrastructure Protection, Elsevier, vol. 10(C), pages 59-70.
    4. Morris, Thomas & Srivastava, Anurag & Reaves, Bradley & Gao, Wei & Pavurapu, Kalyan & Reddi, Ram, 2011. "A control system testbed to validate critical infrastructure protection concepts," International Journal of Critical Infrastructure Protection, Elsevier, vol. 4(2), pages 88-103.
    5. Barbosa, Rafael Ramos Regis & Sadre, Ramin & Pras, Aiko, 2013. "Flow whitelisting in SCADA networks," International Journal of Critical Infrastructure Protection, Elsevier, vol. 6(3), pages 150-158.
    Full references (including those not matched with items on IDEAS)

    Citations

    Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
    as


    Cited by:

    1. Jakub Filip Możaryn & Michał Frątczak & Krzysztof Stebel & Tomasz Kłopot & Witold Nocoń & Andrzej Ordys & Stepan Ozana, 2023. "Stealthy Cyberattacks Detection Based on Control Performance Assessment Methods for the Air Conditioning Industrial Installation," Energies, MDPI, vol. 16(3), pages 1-15, January.
    2. Fouzi Harrou & Bilal Taghezouit & Sofiane Khadraoui & Abdelkader Dairi & Ying Sun & Amar Hadj Arab, 2022. "Ensemble Learning Techniques-Based Monitoring Charts for Fault Detection in Photovoltaic Systems," Energies, MDPI, vol. 15(18), pages 1-28, September.
    3. Benamar Bouyeddou & Fouzi Harrou & Bilal Taghezouit & Ying Sun & Amar Hadj Arab, 2022. "Improved Semi-Supervised Data-Mining-Based Schemes for Fault Detection in a Grid-Connected Photovoltaic System," Energies, MDPI, vol. 15(21), pages 1-22, October.
    4. Solat, Amirhossein & Gharehpetian, G.B. & Naderi, Mehdi Salay & Anvari-Moghaddam, Amjad, 2024. "On the control of microgrids against cyber-attacks: A review of methods and applications," Applied Energy, Elsevier, vol. 353(PA).
    5. Tehseen Mazhar & Hafiz Muhammad Irfan & Sunawar Khan & Inayatul Haq & Inam Ullah & Muhammad Iqbal & Habib Hamam, 2023. "Analysis of Cyber Security Attacks and Its Solutions for the Smart grid Using Machine Learning and Blockchain Methods," Future Internet, MDPI, vol. 15(2), pages 1-37, February.

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Jarmakiewicz, Jacek & Parobczak, Krzysztof & Maślanka, Krzysztof, 2017. "Cybersecurity protection for power grid control infrastructures," International Journal of Critical Infrastructure Protection, Elsevier, vol. 18(C), pages 20-33.
    2. Backer, David & Billing, Trey, 2024. "Forecasting the prevalence of child acute malnutrition using environmental and conflict conditions as leading indicators," World Development, Elsevier, vol. 176(C).
    3. Mariana Oliveira & Luís Torgo & Vítor Santos Costa, 2021. "Evaluation Procedures for Forecasting with Spatiotemporal Data," Mathematics, MDPI, vol. 9(6), pages 1-27, March.
    4. Bokelmann, Björn & Lessmann, Stefan, 2024. "Improving uplift model evaluation on randomized controlled trial data," European Journal of Operational Research, Elsevier, vol. 313(2), pages 691-707.
    5. Joel Podgorski & Oliver Kracht & Luis Araguas-Araguas & Stefan Terzer-Wassmuth & Jodie Miller & Ralf Straub & Rolf Kipfer & Michael Berg, 2024. "Groundwater vulnerability to pollution in Africa’s Sahel region," Nature Sustainability, Nature, vol. 7(5), pages 558-567, May.
    6. Monzer, Mohamad-Houssein & Beydoun, Kamal & Ghaith, Alaa & Flaus, Jean-Marie, 2022. "Model-based IDS design for ICSs," Reliability Engineering and System Safety, Elsevier, vol. 225(C).
    7. Chakravorty, Bhaskar & Arulampalam, Wiji & Bhatiya, Apurav Yash & Imbert, Clément & Rathelot, Roland, 2024. "Can information about jobs improve the effectiveness of vocational training? Experimental evidence from India," Journal of Development Economics, Elsevier, vol. 169(C).
    8. Arjan S. Gosal & Janine A. McMahon & Katharine M. Bowgen & Catherine H. Hoppe & Guy Ziv, 2021. "Identifying and Mapping Groups of Protected Area Visitors by Environmental Awareness," Land, MDPI, vol. 10(6), pages 1-14, May.
    9. Albert Stuart Reece & Gary Kenneth Hulse, 2022. "European Epidemiological Patterns of Cannabis- and Substance-Related Congenital Neurological Anomalies: Geospatiotemporal and Causal Inferential Study," IJERPH, MDPI, vol. 20(1), pages 1-35, December.
    10. Foutzopoulos, Giorgos & Pandis, Nikolaos & Tsagris, Michail, 2024. "Predicting full retirement attainment of NBA players," MPRA Paper 121540, University Library of Munich, Germany.
    11. Michael Parzinger & Lucia Hanfstaengl & Ferdinand Sigg & Uli Spindler & Ulrich Wellisch & Markus Wirnsberger, 2020. "Residual Analysis of Predictive Modelling Data for Automated Fault Detection in Building’s Heating, Ventilation and Air Conditioning Systems," Sustainability, MDPI, vol. 12(17), pages 1-18, August.
    12. Singh, Abhishek Narain & Gupta, M.P. & Ojha, Amitabh, 2014. "Identifying critical infrastructure sectors and their dependencies: An Indian scenario," International Journal of Critical Infrastructure Protection, Elsevier, vol. 7(2), pages 71-85.
    13. Van Belle, Jente & Guns, Tias & Verbeke, Wouter, 2021. "Using shared sell-through data to forecast wholesaler demand in multi-echelon supply chains," European Journal of Operational Research, Elsevier, vol. 288(2), pages 466-479.
    14. Tania L. Maxwell & Mark D. Spalding & Daniel A. Friess & Nicholas J. Murray & Kerrylee Rogers & Andre S. Rovai & Lindsey S. Smart & Lukas Weilguny & Maria Fernanda Adame & Janine B. Adams & William E., 2024. "Soil carbon in the world’s tidal marshes," Nature Communications, Nature, vol. 15(1), pages 1-16, December.
    15. Albert Stuart Reece & Gary Kenneth Hulse, 2022. "European Epidemiological Patterns of Cannabis- and Substance-Related Body Wall Congenital Anomalies: Geospatiotemporal and Causal Inferential Study," IJERPH, MDPI, vol. 19(15), pages 1-38, July.
    16. Philipp Bach & Victor Chernozhukov & Malte S. Kurz & Martin Spindler & Sven Klaassen, 2021. "DoubleML -- An Object-Oriented Implementation of Double Machine Learning in R," Papers 2103.09603, arXiv.org, revised Jun 2024.
    17. Marchetto, Elisa & Da Re, Daniele & Tordoni, Enrico & Bazzichetto, Manuele & Zannini, Piero & Celebrin, Simone & Chieffallo, Ludovico & Malavasi, Marco & Rocchini, Duccio, 2023. "Testing the effect of sample prevalence and sampling methods on probability- and favourability-based SDMs," Ecological Modelling, Elsevier, vol. 477(C).
    18. Jorge Luis Andrade & José Luis Valencia, 2022. "A Fuzzy Random Survival Forest for Predicting Lapses in Insurance Portfolios Containing Imprecise Data," Mathematics, MDPI, vol. 11(1), pages 1-16, December.
    19. Eeva-Katri Kumpula & Pauline Norris & Adam C Pomerleau, 2020. "Stocks of paracetamol products stored in urban New Zealand households: A cross-sectional study," PLOS ONE, Public Library of Science, vol. 15(6), pages 1-11, June.
    20. Michael Bucker & Gero Szepannek & Alicja Gosiewska & Przemyslaw Biecek, 2020. "Transparency, Auditability and eXplainability of Machine Learning Models in Credit Scoring," Papers 2009.13384, arXiv.org.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:eee:ijocip:v:38:y:2022:i:c:s1874548222000300. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Catherine Liu (email available below). General contact details of provider: https://www.journals.elsevier.com/international-journal-of-critical-infrastructure-protection .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.