| Using Data Mining Methods to Detect Simulated Intrusions on a Modbus Network | |
|---|---|
| 學年 | 106 |
| 學期 | 1 |
| 發表日期 | 2017-11-22 |
| 作品名稱 | Using Data Mining Methods to Detect Simulated Intrusions on a Modbus Network |
| 作品名稱(其他語言) | |
| 著者 | Szu-Chuang Li; Yennun Huang; Bo-Chen Tai; Chi-Ta Lin |
| 作品所屬單位 | |
| 出版者 | |
| 會議名稱 | IEEE SC2 Conference |
| 會議地點 | Kanazawa, Japan |
| 摘要 | In the era of Industry 4.0 we seek to create a smart factory environment in which everything is connected and well coordinated. Smart factories will also be connected to cloud service and/or all kinds of partners outside the boundary of the factory to achieve even better efficiency. However network connectivity also brings threats along with the promise of better efficiency, and makes Smart factories more vulnerable to intruders. There were already security incidents such as Iran's nuclear facilities' infection by the Stuxnet virus and German's steel mill destroyed by hackers in 2014. To protect smart factories from such threats traditional means of intrusion detection on the Internet could be used, but we must also refine them and have them adapted to the context of Industry 4.0. For example, network traffic in a smart factory might be more uniformed and predictable compared to the traffic on the Internet, but one should tolerate much less anomaly as the traffic is usually mission critical, and will cause much more loss once intrusion happens. The most widely used signature-based intrusion detection systems come with a large library of signatures that contains known attack have been proved to be very useful, but without the ability to detect unknown attack. We turn to supervised data mining algorithms to detect intrusions, which will help us to detect intrusions with similar properties with known attacks but not necessarily fully match the signatures in the library. In this study a simulated smart factory environment was built and a series of attacks were implemented. Neural network and decision trees were used to classify the traffic generated from this simulated environment. From the experiments we conclude that for the data set we used, decision tree performed better than neural network for detecting intrusion as it provides better accuracy, lower false negative rate and faster model building time. |
| 關鍵字 | Modbus;intrusion detection;decision tree;neural network;Industry 4.0 |
| 語言 | en |
| 收錄於 | |
| 會議性質 | 國際 |
| 校內研討會地點 | 無 |
| 研討會時間 | 20171122~20171125 |
| 通訊作者 | |
| 國別 | JPN |
| 公開徵稿 | |
| 出版型式 | |
| 出處 | 2017 IEEE 7th International Symposium on Cloud and Service Computing (SC2), p.143-148 |
| 相關連結 |
機構典藏連結 ( http://tkuir.lib.tku.edu.tw:8080/dspace/handle/987654321/120182 ) |
| SDGS | 產業創新與基礎設施 |
GoogleAnalytics