Dataflow-based Control Process Identification for ICS Dataset Development
Pages 54 - 58
Abstract
There has been increasing interest in and demand for relevant datasets for machine learning-based anomaly detection research in academia and industry. The industrial control system (ICS) has become larger and more complex, and it is difficult for humans to understand the configuration and operation of the system. Normal and attack scenario plans based on partial knowledge are inevitably biased, and insufficient data annotations limit the performance verification. It is practically difficult to manually identify all tags used for system monitoring and control and their causal relationships. Therefore, we propose a method to generate a data flow graph from process control information such as input/output tags, control processes, and various control parameter values extracted from the database of the control system. It will be the basis for systematic scenario composition and provide information for the analysis of cause and ripple effects when the state of a specific point (control device, sensor, actuator, etc.) is changed. We applied the proposed method to a HAI testbed and confirmed its feasibility by using it to develop a dataset.
References
[1]
Seungoh Choi, Jeong-Han Yun, and Byung-Gil Min. 2021. Probabilistic Attack Sequence Generation and Execution Based on MITRE ATT&CK for ICS Datasets. In Cyber Security Experimentation and Test Workshop(Virtual, CA, USA) (CSET ’21). Association for Computing Machinery, New York, NY, USA, 41–48. https://doi.org/10.1145/3474718.3474722
[2]
Mauro Conti, Denis Donadel, and Federico Turrin. 2021. A Survey on Industrial Control System Testbeds and Datasets for Security Research. IEEE Communications Surveys Tutorials 23, 4 (2021), 2248–2294. https://doi.org/10.1109/COMST.2021.3094360
[3]
Pavel Filonov, Andrey Lavrentyev, and Artem Vorontsov. 2016. Multivariate Industrial Time Series with Cyber-Attack Simulation: Fault Detection Using an LSTM-based Predictive Data Model. In Time Series Workshop at International Conference on Neural Information Processing Systems(NeurIPS) 2016.
[4]
T. Kameda. 1975. On the vector representation of the reachability in planar directed graphs. Inform. Process. Lett. 3, 3 (1975), 75–77. https://doi.org/10.1016/0020-0190(75)90019-8
[5]
Kaspersky. 2022. Kaspersky Machine Learning for Anomaly Detection: Early anomaly detection system. 2022 [Online]. https://mlad.kaspersky.com/
[6]
Ken Kennedy. 1979. A survey of data flow analysis techniques. IBM Thomas J. Watson Research Division.
[7]
Ki Hyun Kim, Sangwoo Shim, Yongsub Lim, Jongseob Jeon, Jeongwoo Choi, Byungchan Kim, and Andre S. Yoon. 2020. RaPP: Novelty Detection with Reconstruction along Projection Pathway. In International Conference on Learning Representations (ICLR). https://openreview.net/forum?id=HkgeGeBYDB
[8]
Microsoft. 2022. Anomaly Detector: An AI service that helps you foresee problems before they occur. 2022 [Online]. https://azure.microsoft.com/en-gb/services/cognitive-services/anomaly-detector/#overview
[9]
Nicolas Pelissero, Pedro Merino Laso, and John Puentes. 2021. Impact assessment of anomaly propagation in a naval water distribution cyber-physical system. In 2021 IEEE International Conference on Cyber Security and Resilience (CSR). 518–523. https://doi.org/10.1109/CSR51186.2021.9527952
[10]
Sandra Rapps and Elaine J. Weyuker. 1982. Data Flow Analysis Techniques for Test Data Selection. In Proceedings of the 6th International Conference on Software Engineering (Tokyo, Japan) (ICSE ’82). IEEE Computer Society Press, Washington, DC, USA, 272–278.
[11]
Hyeok-Ki Shin, Woomyo Lee, Jeong-Han Yun, and HyoungChun Kim. 2019. Implementation of Programmable CPS Testbed for Anomaly Detection. In 12th USENIX Workshop on Cyber Security Experimentation and Test (CSET 19). USENIX Association. https://www.usenix.org/conference/cset19/presentation/shin
Index Terms
- Dataflow-based Control Process Identification for ICS Dataset Development
Recommendations
Cyber In-security of Industrial Control Systems: A Societal Challenge
SAFECOMP 2015: Proceedings of the 34th International Conference on Computer Safety, Reliability, and Security - Volume 9337Our society and its citizens increasingly depend on the undisturbed functioning of critical infrastructures CI, their products and services. Many of the CI services as well as other organizations use Industrial Control Systems ICS to monitor and control ...
Portfolios of Control in Outsourced Software Development Projects
This paper examines the evolution of portfolio of controls over the duration of outsourced information systems development (ISD) projects. Drawing on five cases, it concludes that many findings from research on control of internal ISD projects apply to ...
Comments
Information & Contributors
Information
Published In
August 2022
150 pages
ISBN:9781450396844
DOI:10.1145/3546096
Copyright © 2022 ACM.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 08 August 2022
Check for updates
Author Tags
Qualifiers
- Research-article
- Research
- Refereed limited
Conference
CSET 2022
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 123Total Downloads
- Downloads (Last 12 months)47
- Downloads (Last 6 weeks)6
Reflects downloads up to 09 Nov 2024
Other Metrics
Citations
View Options
Get Access
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign inFull Access
View options
View or Download as a PDF file.
PDFeReader
View online with eReader.
eReaderHTML Format
View this article in HTML Format.
HTML Format