
Cyber-attacks detection in industrial systems using artificial intelligence-driven methods

Author

Listed:
  • Wang, Wu
  • Harrou, Fouzi
  • Bouyeddou, Benamar
  • Senouci, Sidi-Mohammed
  • Sun, Ying

Abstract

Modern industrial systems and critical infrastructures are constantly exposed to malicious cyber-attacks that are challenging and difficult to identify. Cyber-attacks can cause severe economic losses and damage the attacked system if not detected accurately and in a timely manner. Therefore, designing an accurate and sensitive intrusion detection system is undoubtedly necessary to ensure the productivity and safety of industrial systems against cyber-attacks. This paper first introduces a stacked deep learning method to detect malicious attacks in SCADA systems. We also consider eleven machine learning models, including the Xtreme Gradient Boosting (XGBoost), Random forest, Bagging, support vector machines with different kernels, classification tree pruned by the minimum cross-validation and by the 1-standard error rule, linear discriminant analysis, conditional inference tree, and the C5.0 tree. Real data sets with different kinds of cyber-attacks from two laboratory-scale SCADA systems, gas pipeline and water storage tank systems, are employed to evaluate the performance of the investigated methods. Seven evaluation metrics have been used to compare the investigated models (accuracy, sensitivity, specificity, precision, recall, F1-score, and area under curve, or AUC). Overall, results show that the XGBoost approach achieved better detection performance than all other investigated methods. This could be due to its desirable characteristics: it avoids overfitting, decreases the complexity of individual trees, is robust to outliers, and is invariant to scaling and monotonic transformations of the features. Unexpectedly, the deep learning models do not provide the best performance in this case study, even with their extended capacity to capture complex feature interactions.

Suggested Citation

  • Wang, Wu & Harrou, Fouzi & Bouyeddou, Benamar & Senouci, Sidi-Mohammed & Sun, Ying, 2022. "Cyber-attacks detection in industrial systems using artificial intelligence-driven methods," International Journal of Critical Infrastructure Protection, Elsevier, vol. 38(C).
  • Handle: RePEc:eee:ijocip:v:38:y:2022:i:c:s1874548222000300
    DOI: 10.1016/j.ijcip.2022.100542

    References listed on IDEAS

    1. Barbosa, Rafael Ramos Regis & Sadre, Ramin & Pras, Aiko, 2013. "Flow whitelisting in SCADA networks," International Journal of Critical Infrastructure Protection, Elsevier, vol. 6(3), pages 150-158.
    2. Wright, Marvin N. & Ziegler, Andreas, 2017. "ranger: A Fast Implementation of Random Forests for High Dimensional Data in C++ and R," Journal of Statistical Software, Foundation for Open Access Statistics, vol. 77(i01).
    3. Abou el Kalam, Anas, 2021. "Securing SCADA and critical industrial systems: From needs to security mechanisms," International Journal of Critical Infrastructure Protection, Elsevier, vol. 32(C).
    4. Erez, Noam & Wool, Avishai, 2015. "Control variable classification, modeling and anomaly detection in Modbus/TCP SCADA systems," International Journal of Critical Infrastructure Protection, Elsevier, vol. 10(C), pages 59-70.
    5. Morris, Thomas & Srivastava, Anurag & Reaves, Bradley & Gao, Wei & Pavurapu, Kalyan & Reddi, Ram, 2011. "A control system testbed to validate critical infrastructure protection concepts," International Journal of Critical Infrastructure Protection, Elsevier, vol. 4(2), pages 88-103.

    Citations



    Cited by:

    1. Jakub Filip Możaryn & Michał Frątczak & Krzysztof Stebel & Tomasz Kłopot & Witold Nocoń & Andrzej Ordys & Stepan Ozana, 2023. "Stealthy Cyberattacks Detection Based on Control Performance Assessment Methods for the Air Conditioning Industrial Installation," Energies, MDPI, vol. 16(3), pages 1-15, January.
    2. Fouzi Harrou & Bilal Taghezouit & Sofiane Khadraoui & Abdelkader Dairi & Ying Sun & Amar Hadj Arab, 2022. "Ensemble Learning Techniques-Based Monitoring Charts for Fault Detection in Photovoltaic Systems," Energies, MDPI, vol. 15(18), pages 1-28, September.
    3. Benamar Bouyeddou & Fouzi Harrou & Bilal Taghezouit & Ying Sun & Amar Hadj Arab, 2022. "Improved Semi-Supervised Data-Mining-Based Schemes for Fault Detection in a Grid-Connected Photovoltaic System," Energies, MDPI, vol. 15(21), pages 1-22, October.
    4. Solat, Amirhossein & Gharehpetian, G.B. & Naderi, Mehdi Salay & Anvari-Moghaddam, Amjad, 2024. "On the control of microgrids against cyber-attacks: A review of methods and applications," Applied Energy, Elsevier, vol. 353(PA).
    5. Tehseen Mazhar & Hafiz Muhammad Irfan & Sunawar Khan & Inayatul Haq & Inam Ullah & Muhammad Iqbal & Habib Hamam, 2023. "Analysis of Cyber Security Attacks and Its Solutions for the Smart grid Using Machine Learning and Blockchain Methods," Future Internet, MDPI, vol. 15(2), pages 1-37, February.

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Jarmakiewicz, Jacek & Parobczak, Krzysztof & Maślanka, Krzysztof, 2017. "Cybersecurity protection for power grid control infrastructures," International Journal of Critical Infrastructure Protection, Elsevier, vol. 18(C), pages 20-33.
    2. Bokelmann, Björn & Lessmann, Stefan, 2024. "Improving uplift model evaluation on randomized controlled trial data," European Journal of Operational Research, Elsevier, vol. 313(2), pages 691-707.
    3. Joel Podgorski & Oliver Kracht & Luis Araguas-Araguas & Stefan Terzer-Wassmuth & Jodie Miller & Ralf Straub & Rolf Kipfer & Michael Berg, 2024. "Groundwater vulnerability to pollution in Africa’s Sahel region," Nature Sustainability, Nature, vol. 7(5), pages 558-567, May.
    4. Monzer, Mohamad-Houssein & Beydoun, Kamal & Ghaith, Alaa & Flaus, Jean-Marie, 2022. "Model-based IDS design for ICSs," Reliability Engineering and System Safety, Elsevier, vol. 225(C).
    5. Chakravorty, Bhaskar & Arulampalam, Wiji & Bhatiya, Apurav Yash & Imbert, Clément & Rathelot, Roland, 2024. "Can information about jobs improve the effectiveness of vocational training? Experimental evidence from India," Journal of Development Economics, Elsevier, vol. 169(C).
    6. Albert Stuart Reece & Gary Kenneth Hulse, 2022. "European Epidemiological Patterns of Cannabis- and Substance-Related Congenital Neurological Anomalies: Geospatiotemporal and Causal Inferential Study," IJERPH, MDPI, vol. 20(1), pages 1-35, December.
    7. Foutzopoulos, Giorgos & Pandis, Nikolaos & Tsagris, Michail, 2024. "Predicting full retirement attainment of NBA players," MPRA Paper 121540, University Library of Munich, Germany.
    8. Van Belle, Jente & Guns, Tias & Verbeke, Wouter, 2021. "Using shared sell-through data to forecast wholesaler demand in multi-echelon supply chains," European Journal of Operational Research, Elsevier, vol. 288(2), pages 466-479.
    9. Philipp Bach & Victor Chernozhukov & Malte S. Kurz & Martin Spindler & Sven Klaassen, 2021. "DoubleML -- An Object-Oriented Implementation of Double Machine Learning in R," Papers 2103.09603, arXiv.org, revised Jun 2024.
    10. Marchetto, Elisa & Da Re, Daniele & Tordoni, Enrico & Bazzichetto, Manuele & Zannini, Piero & Celebrin, Simone & Chieffallo, Ludovico & Malavasi, Marco & Rocchini, Duccio, 2023. "Testing the effect of sample prevalence and sampling methods on probability- and favourability-based SDMs," Ecological Modelling, Elsevier, vol. 477(C).
    11. Eeva-Katri Kumpula & Pauline Norris & Adam C Pomerleau, 2020. "Stocks of paracetamol products stored in urban New Zealand households: A cross-sectional study," PLOS ONE, Public Library of Science, vol. 15(6), pages 1-11, June.
    12. Michael Bucker & Gero Szepannek & Alicja Gosiewska & Przemyslaw Biecek, 2020. "Transparency, Auditability and eXplainability of Machine Learning Models in Credit Scoring," Papers 2009.13384, arXiv.org.
    13. Jian Lu & Raheel Ahmad & Thomas Nguyen & Jeffrey Cifello & Humza Hemani & Jiangyuan Li & Jinguo Chen & Siyi Li & Jing Wang & Achouak Achour & Joseph Chen & Meagan Colie & Ana Lustig & Christopher Dunn, 2022. "Heterogeneity and transcriptome changes of human CD8+ T cells across nine decades of life," Nature Communications, Nature, vol. 13(1), pages 1-13, December.
    14. Timo Schulte & Tillmann Wurz & Oliver Groene & Sabine Bohnet-Joschko, 2023. "Big Data Analytics to Reduce Preventable Hospitalizations—Using Real-World Data to Predict Ambulatory Care-Sensitive Conditions," IJERPH, MDPI, vol. 20(6), pages 1-16, March.
    15. Bennett, Donyetta & Mekelburg, Erik & Strauss, Jack & Williams, T.H., 2024. "Unlocking the black box of sentiment and cryptocurrency: What, which, why, when and how?," Global Finance Journal, Elsevier, vol. 60(C).
    16. Fogliato Riccardo & Oliveira Natalia L. & Yurko Ronald, 2021. "TRAP: a predictive framework for the Assessment of Performance in Trail Running," Journal of Quantitative Analysis in Sports, De Gruyter, vol. 17(2), pages 129-143, June.
    17. Victor Martínez‐de‐Albéniz & Arnau Planas & Stefano Nasini, 2020. "Using Clickstream Data to Improve Flash Sales Effectiveness," Production and Operations Management, Production and Operations Management Society, vol. 29(11), pages 2508-2531, November.
    18. Huber, Martin & Meier, Jonas & Wallimann, Hannes, 2022. "Business analytics meets artificial intelligence: Assessing the demand effects of discounts on Swiss train tickets," Transportation Research Part B: Methodological, Elsevier, vol. 163(C), pages 22-39.
    19. Urrea, Claudio & Morales, Claudio & Kern, John, 2016. "Implementation of error detection and correction in the Modbus-RTU serial protocol," International Journal of Critical Infrastructure Protection, Elsevier, vol. 15(C), pages 27-37.
    20. Michaël Zamo & Liliane Bel & Olivier Mestre, 2021. "Sequential aggregation of probabilistic forecasts—Application to wind speed ensemble forecasts," Journal of the Royal Statistical Society Series C, Royal Statistical Society, vol. 70(1), pages 202-225, January.
