Title: CNN-based anomaly detection for packet payloads of industrial control system
Authors: Joo-Yeop Song; Rajib Paul; Jeong-Han Yun; Hyoung Chun Kim; Young-June Choi
Addresses: Department of Software and Computer Engineering, Ajou University, 16499, South Korea ' Department of Software and Computer Engineering, Ajou University, 16499, South Korea ' The Affiliated Institute of ETRI, 34044, South Korea ' The Affiliated Institute of ETRI, 34044, South Korea ' Department of Software and Computer Engineering, Ajou University, 16499, South Korea
Abstract: Industrial control systems (ICSs) are more vulnerable to cyber threats owing to their network connectivity. The intrusion detection system(IDS) has been deployed to detect sophisticated cyber-attack but the existing IDS uses the packet header information for traffic flow detection. IDS is inefficient to detect packet deformation; therefore, we propose the adoption of packet payload in IDS to respond to a variety of attacks and high performance. Our proposed model detects packet modification and traffic flowby inspecting each packet and sequence of packets. For evaluation, cross verification is conducted to increase the reliability of the statistics.
Keywords: network security; intrusion detection; anomaly detection; convolutional neural network; industrial control system; N-gram method; single packet detection; sequence detection.
DOI: 10.1504/IJSNET.2021.115440
International Journal of Sensor Networks, 2021 Vol.36 No.1, pp.36 - 49
Received: 21 Oct 2020
Accepted: 04 Dec 2020
Published online: 02 Jun 2021 *