TY - JOUR
T1 - Enhancing Anomaly Detection in Industrial Control Systems through Supervised Learning and Explainable Artificial Intelligence
AU - Bhatt, Dhruv G.
AU - Kyada, Parshad U.
AU - Rathore, Rajkumar Singh
AU - Nallakaruppan, M. K.
AU - Alotaibi, Faisal Mohammed
AU - Jhaveri, Rutvij H.
N1 - Publisher Copyright:
© 2024, American Scientific Publishing Group (ASPG). All rights reserved.
PY - 2024/9
Y1 - 2024/9
N2 - This paper addresses industrial control system (ICS) security, focusing on utilizing intrusion detection systems (IDS) to protect ICS networks. It suggests the use of a Measurement Intrusion Detection System (MIDS) over a Network Intrusion Detection System (NIDS), directly analyzing measurement data to detect unseen activities. Training MIDS requires a labeled dataset of various attacks, and a hardware-in-the-loop (HIL) system is used for safer attack simulations. The main aim is to assess MIDS performance through machine learning (ML) on this dataset. Explainable artificial intelligence (XAI) is integrated for transparency in decision-making. Various ML models, such as random forest, achieve high accuracy in detecting anomalies, notably stealthy attacks, with a receiver operating curve (ROC) of 0.9999 and an accuracy of 0.9795. This highlights the importance of machine learning in securing ICS, supported by XAI’s explanatory power.
AB - This paper addresses industrial control system (ICS) security, focusing on utilizing intrusion detection systems (IDS) to protect ICS networks. It suggests the use of a Measurement Intrusion Detection System (MIDS) over a Network Intrusion Detection System (NIDS), directly analyzing measurement data to detect unseen activities. Training MIDS requires a labeled dataset of various attacks, and a hardware-in-the-loop (HIL) system is used for safer attack simulations. The main aim is to assess MIDS performance through machine learning (ML) on this dataset. Explainable artificial intelligence (XAI) is integrated for transparency in decision-making. Various ML models, such as random forest, achieve high accuracy in detecting anomalies, notably stealthy attacks, with a receiver operating curve (ROC) of 0.9999 and an accuracy of 0.9795. This highlights the importance of machine learning in securing ICS, supported by XAI’s explanatory power.
KW - Hardware in the Loop (HIL) System
KW - Intrusion Detection
KW - Machine Learning
KW - Real-time Attack Detection
KW - Stealthy Attacks
UR - http://www.scopus.com/inward/record.url?scp=85204209478&partnerID=8YFLogxK
U2 - 10.54216/JCIM.150125
DO - 10.54216/JCIM.150125
M3 - Article
AN - SCOPUS:85204209478
SN - 2769-7851
VL - 15
SP - 314
EP - 331
JO - Journal of Cybersecurity and Information Management
JF - Journal of Cybersecurity and Information Management
IS - 1
ER -