Toward Detection and Attribution of Cyber-Attacks in IoT-Enabled Cyber-Physical Systems

• Published in: IEEE internet of things journal Vol. 8; no. 17; pp. 13712 - 13722
• Main Authors: Jahromi, Amir Namavar, Karimipour, Hadis, Dehghantanha, Ali, Choo, Kim-Kwang Raymond
• Format: Journal Article
• Language: English
• Published: Piscataway IEEE 01.09.2021; The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
• Subjects: Artificial neural networks; Control systems; Cyber threat attribution; cyber threat detection; cyber-attacks; Cyber-physical systems; Cybersecurity; cyber–physical systems (CPS); Decision trees; deep representation learning; Feature extraction; Gas pipelines; industrial control system (ICS); Industrial electronics; Industrial Internet of Things; Industrial Internet of Things (IIoT); Integrated circuits; Internet of Things; Machine learning; Mathematical model; Natural gas; Neural networks; Pipelines; Support vector machines; System effectiveness; Water treatment
• ISSN: 2327-4662; 2327-4662
• DOI: 10.1109/JIOT.2021.3067667

Securing Internet-of-Things (IoT)-enabled cyber-physical systems (CPS) can be challenging, as security solutions developed for general information/operational technology (IT/OT) systems may not be as effective in a CPS setting. Thus, this article presents a two-level ensemble attack detection and attribution framework designed for CPS, and more specifically in an industrial control system (ICS). At the first level, a decision tree combined with a novel ensemble deep representation-learning model is developed for detecting attacks imbalanced ICS environments. At the second level, an ensemble deep neural network is designed to facilitate attack attribution. The proposed model is evaluated using real-world data sets in gas pipeline and water treatment system. Findings demonstrate that the proposed model outperforms other competing approaches with similar computational complexity.