Detailed Information

Cited 0 time in webofscience Cited 0 time in scopus
Metadata Downloads

Intrusion Detection and Identification Using Tree-Based Machine Learning Algorithms on DCS Network in the Oil Refinery

Authors
Kim, Kyoung HoKwak, Byung IlHan, Mee LanKim, Huy Kang
Issue Date
Nov-2022
Publisher
IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC
Keywords
Integrated circuits; Security; Servers; Protocols; Sensor systems; Workstations; Process control; Industrial control system; distributed control system; intrusion detection; attack identification
Citation
IEEE TRANSACTIONS ON POWER SYSTEMS, v.37, no.6, pp 4673 - 4682
Pages
10
Indexed
SCIE
SCOPUS
Journal Title
IEEE TRANSACTIONS ON POWER SYSTEMS
Volume
37
Number
6
Start Page
4673
End Page
4682
URI
https://scholar.korea.ac.kr/handle/2021.sw.korea/190622
DOI
10.1109/TPWRS.2022.3150084
ISSN
0885-8950
1558-0679
Abstract
Recently, Critical Infrastructures (CI) such as energy, power, transportation, and communication have come to be increasingly dependent on advanced information and communication technology (ICT). This change has increased the connection between the Industrial Control System (ICS) supporting the CI and the Internet, resulting in an increase in security threats and allowing a malicious attacker to manipulate and control the ICS arbitrarily. On the other hand, ICS operators are reluctant to install security systems for fear of adverse effects on normal operations due to system changes. Therefore, new research is needed to detect anomalies quickly and identify attack types while ensuring the high availability of ICS. This study proposes a host-based method to detect and identify abnormalities in an Oil Refinery's Distributed Control System (DCS) network using DCS vendor-proprietary protocols using a proposed method based on the tree-based machine learning algorithm. The results demonstrate that the proposed method can effectively detect an abnormality with the eXtreme Gradient Boosting (XGB) classifier, with up to 99% accuracy. Taken together, the results of this study contribute to the accurate detection of abnormal events and identification of attack types on the network without disrupting the normal operation of the DCS in the Oil Refinery.
Files in This Item
There are no files associated with this item.
Appears in
Collections
School of Cyber Security > Department of Information Security > 1. Journal Articles
Graduate School > Department of Cyber Security > 1. Journal Articles

qrcode

Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.

Related Researcher

Researcher Kim, Huy Kang photo

Kim, Huy Kang
Department of Information Security
Read more

Altmetrics

Total Views & Downloads

BROWSE