Intrusion Detection and Identification Using Tree-Based Machine Learning Algorithms on the DCS Network = DCS 네트워크에서 트리기반의 머신러닝 알고리즘을 활용한 공격 탐지 및 식별에 관한 연구

김경호, 2022
Thesis details
Paper influence by topic for 'Intrusion Detection and Identification Using Tree-Based Machine Learning Algorithms on the DCS Network'
Paper influence summary
Topics
  • Attack Identification
  • DREAD
  • Distributed Control System(DCS)
  • Industrial Control System(ICS)
  • Intrusion Detection System (IDS)
  • Machine Learning
  • PERA
  • Purdue Model
  • STRIDE
  • Threat Modeling
Total number of papers on the same topics: 1,447
Total number of citations of this paper: 0
Average paper influence by topic: 0.0%

References of 'Intrusion Detection and Identification Using Tree-Based Machine Learning Algorithms on the DCS Network'

  • Industrial control systems: Cyberattack trends and countermeasures
    T. Alladi, V. Chamola, and S. Zeadally, vol. 155, pp. 1–8 [2020]
  • [9] C. Systems, Networking and Security in Industrial Automation Environments. Cisco Systems, 2020.
    [2020]
  • [67] M. L. Han, B. I. Kwak, and H. K. Kim, Event-triggered interval-based anomaly detection and attack identification methods for an in-vehicle network, IEEE Transactions on Information Forensics and Security, 2021.
  • [65] G. F. Lyon, Nmap network scanning: The official Nmap project guide to network discovery and security scanning. Insecure. Com LLC (US), 2008.
    [2008]
  • [64] S. Bravo and D. Mauricio, Ddos attack detection mechanism in the application layer using user features, in 2018 International Conference on Information and Computer Technologies (ICICT), pp. 97–100, IEEE, 2018.
    [2018]
  • [63] L. Liang, K. Zheng, Q. Sheng, and X. Huang, A denial of service attack method for an iot system, in 2016 8th international conference on Information Technology in Medicine and Education (ITME), pp. 360–364, IEEE, 2016.
    [2016]
  • [60] O. Alexander, M. Belisle, and J. Steele, Mitre att&ck® for industrial control systems: Design and philosophy, 2020.
    [2020]
  • [5] Q. Chen and R. A. Bridges, Automated behavioral analysis of malware: A case study of wannacry ransomware, in 2017 16th IEEE International Conference on Machine Learning and Applications (ICMLA), pp. 454–460, IEEE, 2017.
    [2017]
  • [59] Jeffrey Ashcraft, Daniel Kapellmann Zafra, and Nathan Brubaker, Monitoring ics cyber operation tools and software exploit modules to anticipate future threats. https://www.fireeye.com/blog/threat-research/2020/03/monitoring-ics-cyber-operation-tools-and-software-exploit-modules.html, 2020. [Online; Accessed 17 April 2021].
  • [58] P. D. Curtis and N. Mehravari, Evaluating and improving cybersecurity capabilities of the energy critical infrastructure, in 2015 IEEE International Symposium on Technologies for Homeland Security (HST), pp. 1–6, IEEE, 2015.
    [2015]
  • [56] Microsoft, Microsoft threat modeling tool 2016, 2015. Available from: https://www.microsoft.com/en-us/download/details.aspx?id=49168 [last accessed June 2022].
  • [55] A. Shostack, Threat modeling: Designing for security. John Wiley & Sons, 2014.
    [2014]
  • [54] Y. Cherdantseva and J. Hilton, A reference model of information assurance & security, in 2013 International Conference on Availability, Reliability and Security, pp. 546–555, IEEE, 2013.
    [2013]
  • [51] Y. Lai, J. Zhang, and Z. Liu, Industrial anomaly detection and attack classification method based on convolutional neural network, Security and Communication Networks, vol. 2019, 2019.
  • [4] M. Geiger, J. Bauer, M. Masuch, and J. Franke, An analysis of black energy 3, crashoverride, and trisis, three malware approaches targeting operational technology systems, in 2020 25th IEEE International Conference on Emerging Technologies and Factory Automation (ETFA), vol. 1, pp. 1537–1543, IEEE, 2020.
    [2020]
  • [49] R. Benisha and S. Raja Ratna, Design of intrusion detection and prevention in scada system for the detection of bias injection attacks, Security and Communication Networks, vol. 2019, 2019.
  • [47] Y. Kwon, H. K. Kim, Y. H. Lim, and J. I. Lim, A behavior-based intrusion detection technique for smart grid infrastructure, in 2015 IEEE Eindhoven PowerTech, pp. 1–6, IEEE, 2015.
    [2015]
  • [46] C. Wressnegger, A. Kellner, and K. Rieck, Zoe: Content-based anomaly detection for industrial control systems, in 2018 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), pp. 127–138, IEEE, 2018.
    [2018]
  • [44] D. Wang and D. Feng, Intrusion detection model of scada using graphical features, in 2018 IEEE 3rd Advanced Information Technology, Electronic and Automation Control Conference (IAEAC), pp. 1208–1214, IEEE, 2018.
    [2018]
  • [43] J. Zhang, S. Gan, X. Liu, and P. Zhu, Intrusion detection in scada systems by traffic periodicity and telemetry analysis, in 2016 IEEE Symposium on Computers and Communication (ISCC), pp. 318–325, IEEE, 2016.
    [2016]
  • [41] N. Rajasinghe, J. Samarabandu, and X. Wang, Insecs-dcs: a highly customizable network intrusion dataset creation framework, in 2018 IEEE Canadian Conference on Electrical & Computer Engineering (CCECE), pp. 1–4, IEEE, 2018.
    [2018]
  • [40] D. Peterson, Intrusion detection and cyber security monitoring of scada and dcs networks, ISA Automation West, 2004.
    [2004]
  • [37] M. Yampolskiy, P. Horvath, X. D. Koutsoukos, Y. Xue, and J. Sztipanovits, Systematic analysis of cyber-attacks on cps-evaluating applicability of dfd-based approach, in 2012 5th International Symposium on Resilient Control Systems, pp. 55–62, IEEE, 2012.
    [2012]
  • [34] R. Khan, K. McLaughlin, D. Laverty, and S. Sezer, Stride-based threat modeling for cyber-physical systems, in 2017 IEEE PES Innovative Smart Grid Technologies Conference Europe (ISGTEurope), pp. 1–6, IEEE, 2017.
    [2017]
  • [33] A. C. S. C. (ACSC), Cert australia. Available from: https://www.cyber.gov.au/ [last accessed May 2021].
  • [32] NIST, Nist cybersecurity framework, 2017. Available from: https://www.nist.gov/cyberframework [last accessed May 2021].
  • [31] C. . I. S. A. (CISA), Ics-cert website. Available from: https://us-cert.cisa.gov/ics [last accessed May 2021].
  • [30] E. A. AbuEmera, H. A. ElZouka, and A. A. Saad, Security framework for identifying threats in smart manufacturing systems using stride approach, in 2022 2nd International Conference on Consumer Electronics and Computer Engineering (ICCECE), pp. 605–612, 2022.
  • [29] N. Shevchenko, B. R. Frye, and C. Woody, Threat modeling for cyber-physical system-of-systems: Methods evaluation, tech. rep., Carnegie Mellon University Software Engineering Institute Pittsburgh United . . . , 2018.
    [2018]
  • [28] K. Wuyts and W. Joosen, Linddun privacy threat modeling: a tutorial, CW Reports, 2015.
    [2015]
  • [27] Tamara Denning, Batya Friedman, and Tadayoshi Kohno, Security and privacy threat discovery cards, 2013. Available from: http://securitycards.cs.washington.edu/assets/security-cards-deck-with-croplines.pdf [last accessed May 2022].
  • [26] N. R. Mead, F. Shull, K. Vemuru, and O. Villadsen, A hybrid threat modeling method, Carnegie Mellon University-Software Engineering Institute-Technical Report-CMU/SEI-2018-TN-002, 2018.
    [2018]
  • [25] T. A. Kletz, HAZOP and HAZAN: identifying and assessing process industry hazards. IChemE, 1999.
    [1999]
  • [24] klockwork, Threat modeling for secure embedded software, 2011.
    [2011]
  • [23] T. UcedaVelez and M. M. Morana, Risk centric threat modeling. Wiley Online Library, 2015.
    [2015]
  • [22] B. Beyst, Which threat modeling method. threatmodeler. april 15, 2016. Available from: https://threatmodeler.com/threat-modeling-methodologies-vast/ [last accessed May 2022].
  • [21] P. Saitta, B. Larcom, and M. Eddington, Trike v. 1 methodology document [draft], URL: http://dymaxion. org/trike/Trike v1 Methodology Documentdraft. pdf, 2005.
    [2005]
  • [1] Fortinet, 2020 state of operational technology and cybersecurity report, 2020. Available from: https://www.fortinet.com/content/dam/fortinet/assets/analyst-reports/report-state-of-operational-technology.pdf [last accessed May 2021].
    [2020]
  • [19] N. R. Mead, F. Shull, K. Vemuru, and O. Villadsen, A hybrid threat modeling method, Carnegie Mellon University-Software Engineering Institute-Technical Report-CMU/SEI-2018-TN-002, 2018.
    [2018]
  • [18] M. Schiffman, A. Wright, D. Ahmad, and G. Eschelbeck, The common vulnerability scoring system, National Infrastructure Advisory Council, Vulnerability Disclosure Working Group, Vulnerability Scoring Subgroup, 2004.
    [2004]
  • [17] C. Alberts, A. Dorofee, J. Stevens, and C. Woody, Introduction to the octave approach, tech. rep., Carnegie-Mellon Univ Pittsburgh Pa Software Engineering Inst, 2003.
    [2003]
  • [16] F. Swiderski and W. Snyder, Threat modeling. Microsoft Press, 2004.
    [2004]
  • [15] B. Gates, Trustworthy computing, 2002. Available from: https://www.wired.com/2002/01/bill-gates-trustworthy-computing/ [last accessed May 2021].
  • [12] E. G. Amoroso, Fundamentals of computer security technology. Prentice-Hall, Inc., 1994.
    [1994]
  • [10] T. J. Williams, The Purdue enterprise reference architecture: a technical guide for CIM planning and implementation. Instrument Society of America, 1992.
    [1992]
  • What's your protocol: Vulnerabilities and security threats related to z-wave protocol
  • Using threat modeling for risk analysis of smarthome
    K. K. Gon and K. S. Hoon, pp. 378–379 [2015]
  • Triton: The first ics cyber attack on safety instrument systems
    A. Di Pinto, Y. Dragoni, and A. Carcano, vol. 2018, pp. 1–26 [2018]
  • The threats to our products
  • Stuxnet: Dissecting a cyberwarfare weapon
    R. Langner, vol. 9, no. 3, pp. 49–51 [2011]
  • Sp 800-82 rev. 2 Guide to Industrial Control Systems (ICS) Security
    K. Stouffer, J. Falco, and K. Scarfone, vol. 2, no. 3, p. 5 [2015]
  • Software and attack centric integrated threat modeling for quantitative risk assessment
  • Runtime semantic security analysis to detect and mitigate control-related attacks in power grids
  • Passive vulnerability scanning: Introduction to nevo
    R. Deraison, R. Gula, and T. Hayton, vol. 9, no. 1-13, p. 7 [2003]
  • Multilayer data-driven cyber-attack detection system for industrial control systems based on network, system, and process data
    F. Zhang, H. A. D. E. Kodituwakku, J. W. Hines, and J. Coble, vol. 15, no. 7, pp. 4362–4369 [2019]
  • German steel mill cyber attack
  • Experiences threat modeling at microsoft.
    A. Shostack, vol. 2008 [2008]
  • Eliciting security requirements with misuse cases
    G. Sindre and A. L. Opdahl, vol. 10, no. 1, pp. 34–44 [2005]
  • Cyber security risk assessment for scada and dcs networks
    P. A. Ralston, J. H. Graham, and J. L. Hieb, vol. 46, no. 4, pp. 583–594 [2007]
  • Blockchain and random subspace learning-based ids for sdn-enabled industrial iot security
  • Behavior analysis and anomaly detection for a digital substation on cyber-physical system
  • Attack trees
    B. Schneier, vol. 24, no. 12, pp. 21–29 [1999]
  • Analysis of the cyber attack on the ukrainian power grid
    D. U. Case, vol. 388 [2016]
  • Admm-based distributed state estimation of smart grid under data deception and denial of service attacks
    D. Du, X. Li, W. Li, R. Chen, M. Fei, and L. Wu, vol. 49, no. 8, pp. 1698–1711 [2019]
  • A review of research work on network-based scada intrusion detection systems
  • A review of cyber security risk assessment methods for scada systems