Identification and prediction of attacks to industrial control systems using temporal point processes

Identification and prediction of attacks to industrial control systems using temporal point processes

The task of identifying malicious activities in logs and predicting threats is crucial nowadays in industrial sector. In this paper, we focus on the identification of past malicious activities and in the prediction of future threats by proposing a novel technique based on the combination of Marked T...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:Journal of ambient intelligence and humanized computing 2023-05, Vol.14 (5), p.4771-4783
Hauptverfasser: Fortino, Giancarlo, Greco, Claudia, Guzzo, Antonella, Ianni, Michele
Format: Artikel
Sprache:eng
Schlagworte:
Aftershocks
Algorithms
Artificial Intelligence
Computational Intelligence
Control systems
Deep learning
Earthquakes
Engineering
Gas pipelines
Industrial electronics
Learning theory
Machine learning
Natural gas
Neural networks
Original Research
Robotics and Automation
Software
Surveillance
User Interfaces and Human Computer Interaction
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:The task of identifying malicious activities in logs and predicting threats is crucial nowadays in industrial sector. In this paper, we focus on the identification of past malicious activities and in the prediction of future threats by proposing a novel technique based on the combination of Marked Temporal Point Processes ( MTTP ) and Neural Networks. Differently from the traditional formulation of Temporal Point Processes, our method does not make any prior assumptions on the functional form of the conditional intensity function and on the distribution of the events. Our approach is based the adoption of Neural Networks with the goal of improving the capabilities of learning arbitrary and unknown event distributions by taking advantage of the Deep Learning theory. We conduct a series of experiments using industrial data coming from gas pipelines, showing that our framework is able to represent in a convenient way the information gathered from the logs and predict future menaces in an unsupervised way, as well as classifying the past ones. The results of the experimental evaluation, showing outstanding values for precision and recall, confirm the effectiveness of our approach.
ISSN:1868-5137
1868-5145
DOI:10.1007/s12652-022-04416-5