
Application of Digital Signal Processing Techniques to Improve the Performance of Machine Learning-based Cyber Attack Detection in Industrial Control System
AAMIR SHEHZAD
PHD APPLIED MATHEMATICS (ES2349)
Introduction

• Industrial Control Systems (ICS)
• Increasing integration of industrial and corporate networks and the associated risks
• Importance of improving cyber attack detection in ICS
• Challenges in ICS Security
• Traditional isolation of ICS and the accumulation of vulnerabilities over time
• Limitations of traditional attack detection systems, especially in detecting zero-day attacks
Motivation for Machine Learning

• Why a machine learning-based approach is necessary
• Popularity and success of deep learning, particularly neural networks, in cybersecurity
• OPSO-BPNN Algorithm: In 2017, a significant contribution was made in the IEEE 2nd Information Technology Networking Electronic and Automation Control Conference. The research focused on intrusion detection in industrial control systems using the OPSO-BPNN algorithm. This study represents an innovative approach to intrusion detection, employing advanced algorithms tailored for the unique requirements of ICS environments.
• One-Class Anomaly Detection Framework: Demertzis, Iliadis, and Spartalis, in their 2017 work presented at the International Conference on Engineering Applications of Neural Networks, introduced a spiking one-class anomaly detection framework. This framework is particularly relevant for cyber-security in ICS, showcasing the potential of anomaly detection methods in identifying deviations from normal operational patterns.
• Model Predictive Control in Chemical Processes: Wu, Albalawi, Zhang, Zhang, Durand, and Christofides (2018) explored the role of detecting and handling cyber-attacks within the context of model predictive control of chemical processes. Published in the journal Mathematics, this study underscores the importance of cybersecurity in the management of chemical processes, a critical component of many industrial systems.
Creating New Features Using DSP Technology

• Method of converting the signal using a comb of digital low-pass filters
• Vertical signal as a multi-channel signal with components from the low-pass filter comb
• FIR-low-pass filters with successively decreasing cutoff frequencies
• Sequential noise filtering using a parallel set of digital low-pass filters
• Benefits of this method in obtaining informative features
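
A sketch of the low-pass filter comb described above, as an added example that is not code from the presentation or the work it summarizes. The filter length, the three cutoff values and the constructed 1 Hz sensor trace are assumptions chosen for illustration.

```python
import numpy as np

def fir_lowpass(cutoff, numtaps=101):
    """Windowed-sinc FIR low-pass; cutoff is a fraction of Nyquist (0..1)."""
    n = np.arange(numtaps) - (numtaps - 1) / 2
    h = cutoff * np.sinc(cutoff * n) * np.hamming(numtaps)
    return h / h.sum()  # unity gain at DC so the signal level is preserved

def comb_features(signal, cutoffs, numtaps=101):
    """Stack the raw signal and one low-pass output per cutoff as columns."""
    pad = numtaps // 2
    padded = np.pad(signal, pad, mode="edge")  # limit start/end transients
    channels = [signal]
    for fc in cutoffs:
        taps = fir_lowpass(fc, numtaps)
        # Symmetric taps + centred padding keep each channel time-aligned.
        channels.append(np.convolve(padded, taps, mode="valid"))
    return np.column_stack(channels)

# Constructed trace (not SWaT data): 1 Hz samples of a slow level cycle
# plus white measurement noise.
rng = np.random.default_rng(0)
t = np.arange(3600)
clean = 500 + 50 * np.sin(2 * np.pi * t / 600)
raw = clean + rng.normal(0, 5, t.size)

cutoffs = [0.5, 0.2, 0.05]  # successively decreasing (assumed values)
features = comb_features(raw, cutoffs)  # shape: (samples, 1 + len(cutoffs))
# RMS deviation of each channel from the noise-free trend
rmse = np.sqrt(((features - clean[:, None]) ** 2).mean(axis=0))

if __name__ == "__main__":
    for name, err in zip(["raw"] + [f"lp {fc}" for fc in cutoffs], rmse):
        print(f"{name:>8}: rms error vs. trend {err:.2f}")
```

Each row of `features` is the multi-channel vector for one time step; the extra columns are the additional inputs a classifier would receive alongside the raw sensor value.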
Neural Network Model

• Fully connected neural network with two hidden layers used in the model
• Signals from ICS sensors and one basic component for each signal are input to the model
• Model's Purpose: Classifying the state of the ICS system (normal state or under a cyber attack)
Secure Water Treatment (SWaT) Dataset

• Motivation behind creating the SWaT dataset
• Realistic and voluminous datasets for cyber attack detection in automated process control systems
• Data from 25 sensors and 26 actuators; contains 964,722 records
• Values were recorded every second
• Data is divided into two samples: one with normal operation and one with cyber attacks
• Duration of each sample (e.g., 7 days for normal operation, 4 days for cyber attacks)
LIT101 sensor during an attack
Evaluating Cyber Attack Detection using Neural Networks

• Python programming language and Keras deep learning library for the experiments
• Data sample used (449,419 records) from the SWaT dataset
• 80% for training the neural network and 20% for testing
Experimental Setup
Experiment

• Neural Network Trained on ICS Signals: first experiment where the neural network was trained solely on signals from the ICS
• Normalized features were transmitted to the neural network
• Experiment 2 - Additional Informative Features
Results
Analysis

• The results show that accuracy, recall and F1-score are higher with the additional features than without them, while precision is slightly lower.
• Nevertheless, it can be said unambiguously that the use of additional features has a positive effect on the model performance. The largest increase (3.48%) occurred on the recall metric, which means, in particular, a decrease in the number of examples that the model mistakenly considers normal. This suggests that additional features help the model better distinguish the attack class from the normal class.
