Machine Learning Methods for Industrial Protocol Security Analysis: Issues, Taxonomy, and Directions

Cited by: 9
Authors
Men, Jiaping [1]
Lv, Zhuo [2]
Zhou, Xiaojun [3]
Han, Zhen [1]
Xian, Hequn [4]
Song, Ya-Nan [5]
Affiliations
[1] Beijing Jiaotong Univ, Beijing Key Lab Secur & Privacy Intelligent Trans, Beijing 100044, Peoples R China
[2] State Grid Henan Elect Power Res Inst, Zhengzhou 450052, Peoples R China
[3] Chinese Acad Sci, Inst Informat Engn, Beijing 100864, Peoples R China
[4] Qingdao Univ, Coll Comp Sci & Technol, Qingdao 266071, Peoples R China
[5] Macau Univ Sci & Technol, Sch Business, Taipa, Macau, Peoples R China
Source
IEEE ACCESS | 2020 / Vol. 8
Keywords
Protocol vulnerability; vulnerability analysis; machine learning; exploitation; ICS security; AUDIT DATA STREAMS; BAYESIAN NETWORK; INTRUSION; FEATURES; BEHAVIOR; APPS;
DOI
10.1109/ACCESS.2020.2976745
Chinese Library Classification number
TP [Automation technology, computer technology];
Discipline classification code
0812;
Abstract
Machine learning has been widely studied in the security analysis of Industrial Control Systems (ICSs). However, in industrial scenarios, the amount of data as well as the speed of data generation are very different from standard machine learning data sets. Using these heterogeneous data and finding meaningful insights for practical security applications in ICSs is a big challenge. In addition, ICSs have been built for quite a long time. Security was not seriously taken into account when ICSs were built. Security assessment or attack prevention cannot always be done in real time, as an ICS is required to be online all the time, especially when it comes to systems that affect critical infrastructure. In this work, we are motivated to provide a clear and comprehensive survey of the state-of-the-art work that employs machine learning in security applications in ICSs, including vulnerability analysis, vulnerability detection and exploitation, anomaly detection and security assessment. Based on our in-depth survey, we highlight the issues of industrial protocol analysis with machine learning methods, provide the security applications with machine learning in ICSs and indicate the future directions.
Pages: 83842 - 83857
Number of pages: 16