教師資料查詢 | 類別: 會議論文 | 教師: 李思壯LI SZU CHUANG (瀏覽個人網頁)

標題:Using Data Mining Methods to Detect Simulated Intrusions on a Modbus Network
學年106
學期1
發表日期2017/11/22
作品名稱Using Data Mining Methods to Detect Simulated Intrusions on a Modbus Network
作品名稱(其他語言)
著者Szu-Chuang Li; Yennun Huang; Bo-Chen Tai; Chi-Ta Lin
作品所屬單位
出版者
會議名稱IEEE SC2 Conference
會議地點Kanazawa, Japan
摘要In the era of Industry 4.0 we seek to create a smart factory environment in which everything is connected and well coordinated. Smart factories will also be connected to cloud service and/or all kinds of partners outside the boundary of the factory to achieve even better efficiency. However network connectivity also brings threats along with the promise of better efficiency, and makes Smart factories more vulnerable to intruders. There were already security incidents such as Iran's nuclear facilities' infection by the Stuxnet virus and German's steel mill destroyed by hackers in 2014. To protect smart factories from such threats traditional means of intrusion detection on the Internet could be used, but we must also refine them and have them adapted to the context of Industry 4.0. For example, network traffic in a smart factory might be more uniformed and predictable compared to the traffic on the Internet, but one should tolerate much less anomaly as the traffic is usually mission critical, and will cause much more loss once intrusion happens. The most widely used signature-based intrusion detection systems come with a large library of signatures that contains known attack have been proved to be very useful, but without the ability to detect unknown attack. We turn to supervised data mining algorithms to detect intrusions, which will help us to detect intrusions with similar properties with known attacks but not necessarily fully match the signatures in the library. In this study a simulated smart factory environment was built and a series of attacks were implemented. Neural network and decision trees were used to classify the traffic generated from this simulated environment. From the experiments we conclude that for the data set we used, decision tree performed better than neural network for detecting intrusion as it provides better accuracy, lower false negative rate and faster model building time.
關鍵字Modbus;intrusion detection;decision tree;neural network;Industry 4.0
語言英文
收錄於
會議性質國際
校內研討會地點
研討會時間20171122~20171125
通訊作者
國別日本
公開徵稿
出版型式
出處2017 IEEE 7th International Symposium on Cloud and Service Computing (SC2), p.143-148
相關連結
SDGs
  • 產業創新與基礎設施
Google+ 推薦功能,讓全世界都能看到您的推薦!