Evaluating Performance of Scalable Fair Clustering Machine Learning Techniques in Detecting Cyber Attacks in Industrial Control Systems

Cybersecurity in industrial control system environments has become a significant concern and is even more relevant in the context of critical infrastructures where control system disruption could have a profound impact on health, safety and the environment. This makes this type of system a major target for malicious activities. Notwithstanding an organization’s interest in protecting its industrial control systems against cyber-attacks, the implementation of security measures, whether technical, organizational or human, still faces resistance and is often seen as a constraint. Using the best technology to protect industrial control systems makes no sense if persons with access do not act attentively and protectively. Technical and human cybersecurity measures are intrinsically linked, and it is essential that all persons with access to these systems are fully aware of the inherent cyber risks. Organizations must also act so that staff receive appropriate training on how to keep systems continuously protected against cyber-attack when carrying out their daily tasks. These educational processes can contribute to building an effective cybersecurity culture fully reflective of management and staff attitudes, so that the availability, integrity and confidentiality of information in industrial control systems can be assured.

Download Full-text

A review: towards practical attack taxonomy for industrial control systems

International Journal of Engineering & Technology ◽

10.14419/ijet.v7i2.14.12815 ◽

2018 ◽

Vol 7 (2.14) ◽

pp. 145 ◽

Cited By ~ 1

Author(s):

Qais Saif Qassim ◽

Norziana Jamil ◽

Razali Jidin ◽

Mohd Ezanee Rusli ◽

Md Nabil Ahmad Zawawi ◽

...

Keyword(s):

Control Systems ◽

Supervisory Control ◽

Cyber Attacks ◽

Critical Infrastructures ◽

Cyber Attack ◽

Industrial Control ◽

Industrial Control Systems ◽

Scada System ◽

Water Transportation ◽

Different Types

Supervisory Control and Data Acquisition (SCADA) system is the underlying control system of most national critical infrastructures such as power, energy, water, transportation and telecommunication. In order to understand the potential threats to these infrastructures and the mechanisms to protect them, different types of cyber-attacks applicable to these infrastructures need to be identified. Therefore, there is a significant need to have a comprehensive understanding of various types of cyber-attacks and its classification associated with both Opera-tion Technology (OT) and Information Technology (IT). This paper presents a comprehensive review of existing cyber-attack taxonomies available in the literature and evaluates these taxonomies based on defined criteria.

Download Full-text

Deep Learning Techniques to Detect DoS Attacks on Industrial Control Systems: A Systematic Literature Review

10.1145/3485557.3485577 ◽

2021 ◽

Author(s):

Abdalkarim R M Seyam ◽

Ali Bou Nassif ◽

Qassim Nasir ◽

Bushra Al Blooshi ◽

Manar Abu Talib

Keyword(s):

Deep Learning ◽

Literature Review ◽

Control Systems ◽

Systematic Literature Review ◽

Dos Attacks ◽

Industrial Control ◽

Industrial Control Systems ◽

Learning Techniques

Download Full-text

Machine learning techniques applied to detect cyber attacks on web applications

Logic Journal of IGPL ◽

10.1093/jigpal/jzu038 ◽

2014 ◽

Vol 23 (1) ◽

pp. 45-56 ◽

Cited By ~ 22

Author(s):

M. Chora ◽

R. Kozik

Keyword(s):

Machine Learning ◽

Web Applications ◽

Cyber Attacks ◽

Machine Learning Techniques ◽

Learning Techniques

Download Full-text

Cybersecurity Leadership: Competencies, Governance, and Technologies for Industrial Control Systems

Journal of Interconnection Networks ◽

10.1142/s0219265917400011 ◽

2017 ◽

Vol 17 (01) ◽

pp. 1740001 ◽

Cited By ~ 5

Author(s):

JEAN-PIERRE AUFFRET ◽

JANE L. SNOWDON ◽

ANGELOS STAVROU ◽

JEFFREY S. KATZ ◽

DIANA KELLEY ◽

...

Keyword(s):

Smart Grid ◽

Control Systems ◽

Leadership Competencies ◽

Cyber Attacks ◽

Industrial Control ◽

Public And Private ◽

Industrial Control Systems ◽

Grid Systems ◽

Private Organizations ◽

Emerging Risk

The extensive integration of interconnected devices and the inadvertent information obtained from untrusted sources has exposed the Industrial Control Systems (ICS) ecosystem to remote attacks by the exploitation of new and old vulnerabilities. Unfortunately, although recognized as an emerging risk based on the recent rise of cyber attacks, cybersecurity for ICS has not been addressed adequately both in terms of technology but, most importantly, in terms of organizational leadership and policy. In this paper, we will present our findings regarding the cybersecurity challenges for Smart Grid and ICS and the need for changes in the way that organizations perceive cybersecurity risk and leverage resources to balance the needs for information security and operational security. Moreover, we present empirical data that point to cybersecurity governance and technology principles that can help public and private organizations to navigate successfully the technical cybersecurity challenges for ICS and Smart Grid systems. We believe that by identifying and mitigating the inherent risks in their systems, operations, and processes, enterprises will be in a better position to shield themselves and protect against current and future cyber threats.

Download Full-text

Digital Forensic Analysis of Industrial Control Systems Using Sandboxing: A Case of WAMPAC Applications in the Power Systems

Energies ◽

10.3390/en12132598 ◽

2019 ◽

Vol 12 (13) ◽

pp. 2598

Author(s):

Asif Iqbal ◽

Farhan Mahmood ◽

Mathias Ekstedt

Keyword(s):

Power Systems ◽

Control Systems ◽

Forensic Analysis ◽

Cyber Attacks ◽

Power Grids ◽

Cyber Attack ◽

Industrial Control ◽

Industrial Control Systems ◽

Daubert Standard ◽

And Control

In today’s connected world, there is a tendency of connectivity even in the sectors which conventionally have been not so connected in the past, such as power systems substations. Substations have seen considerable digitalization of the grid hence, providing much more available insights than before. This has all been possible due to connectivity, digitalization and automation of the power grids. Interestingly, this also means that anybody can access such critical infrastructures from a remote location and gone are the days of physical barriers. The power of connectivity and control makes it a much more challenging task to protect critical industrial control systems. This capability comes at a price, in this case, increasing the risk of potential cyber threats to substations. With all such potential risks, it is important that they can be traced back and attributed to any potential threats to their roots. It is extremely important for a forensic investigation to get credible evidence of any cyber-attack as required by the Daubert standard. Hence, to be able to identify and capture digital artifacts as a result of different attacks, in this paper, the authors have implemented and improvised a forensic testbed by implementing a sandboxing technique in the context of real time-hardware-in-the-loop setup. Newer experiments have been added by emulating the cyber-attacks on WAMPAC applications, and collecting and analyzing captured artifacts. Further, using sandboxing for the first time in such a setup has proven helpful.

Download Full-text