Visible to the public Industrial Control System Intrusion Detection Model based on LSTM Attack Tree

TitleIndustrial Control System Intrusion Detection Model based on LSTM Attack Tree
Publication TypeConference Paper
Year of Publication2020
AuthorsXingjie, F., Guogenp, W., ShiBIN, Z., ChenHAO
Conference Name2020 17th International Computer Conference on Wavelet Active Media Technology and Information Processing (ICCWAMTIP)
Date Publisheddec
Keywordsattack tree, compositionality, Computer hacking, computer network security, constructed attack tree model, Hidden Markov models, ICs, IDS, industrial control, Industrial control system intrusion detection model, Information Reuse and Security, Internet, Intrusion detection, Logic gates, LSTM, LSTM & attack tree, Predictive models, pubcrawl, Resiliency, traditional intrusion detection systems, traditional network security, trees (mathematics)
AbstractWith the rapid development of the Industrial Internet, the network security risks faced by industrial control systems (ICSs) are becoming more and more intense. How to do a good job in the security protection of industrial control systems is extremely urgent. For traditional network security, industrial control systems have some unique characteristics, which results in traditional intrusion detection systems that cannot be directly reused on it. Aiming at the industrial control system, this paper constructs all attack paths from the hacker's perspective through the attack tree model, and uses the LSTM algorithm to identify and classify the attack behavior, and then further classify the attack event by extracting atomic actions. Finally, through the constructed attack tree model, the results are reversed and predicted. The results show that the model has a good effect on attack recognition, and can effectively analyze the hacker attack path and predict the next attack target.
Citation Keyxingjie_industrial_2020