nach oben

Erschienen in:

2020 | OriginalPaper | Buchkapitel

Using Datasets from Industrial Control Systems for Cyber Security Research and Education

verfasst von : Qin Lin, Sicco Verwer, Robert Kooij, Aditya Mathur

Erschienen in: Critical Information Infrastructures Security

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

The availability of high-quality benchmark datasets is an important prerequisite for research and education in the cyber security domain. Datasets from realistic systems offer a platform for researchers to develop and test novel models and algorithms. Such datasets also offer students opportunities for active and project-centric learning. In this paper, we describe six publicly available datasets from the domain of Industrial Control Systems (ICS). Five of these datasets are obtained through experiments conducted in the context of operational ICS while the sixth is obtained from a widely used simulation tool, namely EPANET, for large scale water distribution networks. This paper presents two studies on the use of the datasets. The first study uses the dataset from a live water treatment plant. This study leads to a novel and explainable anomaly detection method based upon Timed Automata and Bayesian Networks. The study conducted in the context of education made use of the water distribution network dataset in a graduate course on cyber data analytics. Through an assignment, students explored the effectiveness of various methods for anomaly detection. Research outcomes and the success of the course indicate an appreciation in the research community and positive learning experience in education.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel Mitigating Escalation of Cascading Effects of a Payment Disruption Across Other Critical Infrastructures: Lessons Learned in 15 Simulation-Games

Nächstes Kapitel Securing Software Updates for Trains

https://itrust.sutd.edu.sg/research/dataset/.

https://itrust.sutd.edu.sg/dataset/.

Almgren, M., et al.: RICS-el: building a national testbed for research and training on SCADA security (short paper). In: Luiijf, E., Žutautaitė, I., Hämmerli, B.M. (eds.) CRITIS 2018. LNCS, vol. 11260, pp. 219–225. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-05849-4_17CrossRef

Anderson, R., et al.: Measuring the cost of cybercrime. In: Proceedings of the 11th Workshop on Economics of Information Security (2012)

Balaganski, A., Derwisch, S.: Big data and information security. KuppingerCole and BARC Joint Study, Report No.: 7400 (2016)

Choi, S., Yun, J.-H., Kim, S.-K.: A comparison of ICS datasets for security research based on attack paths. In: Luiijf, E., Žutautaitė, I., Hämmerli, B.M. (eds.) CRITIS 2018. LNCS, vol. 11260, pp. 154–166. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-05849-4_12CrossRef

Council of the European Union: European council, council directive 2016/1148 of 6 July 2016 concerning measures for a high common level of security of network and information systems across the union (2016). https://eur-lex.europa.eu/eli/dir/2016/1148/oj

Digitalbond: S4x15 ICS village CTF dataset (2015). https://www.digitalbond.com/blog/2015/03/16/s4x15-ctf-ics-village-page/

G8: G8 principles for protecting critical information infrastructures (2003). http://www.cybersecuritycooperation.org/documents/G8_CIIP_Principles.pdf

GFCE: global forum on cyber expertise (2015). https://www.thegfce.com/about

Goh, J., Adepu, S., Tan, M., Lee, Z.S.: Anomaly detection in cyber physical systems using recurrent neural networks. In: 2017 IEEE 18th International Symposium on High Assurance Systems Engineering (HASE), pp. 140–145. IEEE (2017)

10.

Holm, H., Karresand, M., Vidström, A., Westring, E.: A survey of industrial control system testbeds. In: Buchegger, S., Dam, M. (eds.) Secure IT Systems, vol. 9417, pp. 11–26. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-26502-5_2CrossRef

11.

ICS-CERT: Cyber-attack against Ukrainian critical infrastructure (2016). https://ics-cert.us-cert.gov/alerts/IR-ALERT-H-16-056-01

12.

Inoue, J., Yamagata, Y., Chen, Y., Poskitt, C.M., Sun, J.: Anomaly detection for a water treatment system using unsupervised machine learning. In: 2017 IEEE International Conference on Data Mining Workshops (ICDMW), pp. 1058–1065. IEEE (2017)

13.

iTrust: Centre for Research in Cyber Security (2015). https://itrust.sutd.edu.sg/

14.

iTrust: Secure Water Treatment (SWaT) Testbed (2015). https://itrust.sutd.edu.sg/research/dataset/

15.

Lemay, A., Fernandez, J.M.: Providing \(\{\)SCADA\(\}\) network data sets for intrusion detection research. In: 2016 9th Workshop on Cyber Security Experimentation and Test (\(\{\)CSET\(\}\)) (2016)

16.

Lewis, J.A.: Economic impact of cybercrime-no slowing down (2018). https://www.csis.org/analysis/economic-impact-cybercrime

17.

Lin, Q., Adepu, S., Verwer, S., Mathur, A.: TABOR: a graphical model-based approach for anomaly detection in Industrial Control Systems. In: Proceedings of the 2018 on Asia Conference on Computer and Communications Security, pp. 525–536. ACM (2018)

18.

Luiijf, E., Besseling, K., De Graaf, P.: Nineteen national cyber security strategies. Int. J. Crit. Infrastruct. (IJCIS) 9(1/2), 3–31 (2013)CrossRef

19.

Mathur, A.P., Tippenhauer, N.: SWaT: a water treatment testbed for research and training on ICS security. In: International Workshop on Cyber-physical Systems for Smart Water Networks (CySWater), pp. 31–36. IEEE, USA, April 2016

20.

McLaughlin, S., et al.: The cybersecurity landscape in industrial control systems. Proc. IEEE 104(5), 1039–1057 (2016)MathSciNetCrossRef

21.

Morris, T., Gao, W.: Industrial control system traffic data sets for intrusion detection research. In: Butts, J., Shenoi, S. (eds.) ICCIP 2014. IAICT, vol. 441, pp. 65–78. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-45355-1_5CrossRef

22.

Morris, T., Srivastava, A., Reaves, B., Gao, W., Pavurapu, K., Reddi, R.: A control system testbed to validate critical infrastructure protection concepts. Int. J. Crit. Infrastruct. Prot. 4(2), 88–103 (2011)CrossRef

23.

Morris, T.H., Thornton, Z., Turnipseed, I.: Industrial control system simulation and data logging for intrusion detection system research. In: 7th Annual Southeastern Cyber Security Summit, pp. 3–4 (2015)

24.

Morris, T.: Industrial control system (ICS) cyber attack datasets (2015). https://sites.google.com/a/uah.edu/tommy-morris-uah/ics-data-sets

25.

NRF: Singapore, national cybersecurity R&D programme (2013). https://www.nrf.gov.sg/programmes/national-cybersecurity-r-d-programme

26.

Ostfeld, A., et al.: Battle of the water calibration networks. J. Water Resour. Plan. Manag. 138(5), 523–532 (2012)CrossRef

27.

Pan, S., Morris, T., Adhikari, U.: Developing a hybrid intrusion detection system using data mining for power systems. IEEE Trans. Smart Grid 6(6), 3104–3113 (2015)CrossRef

28.

Rossman, L.A.: EPANET 2: User Manual (2000)

29.

Symantec: Norton cyber security insights report, global results (2017). https://www.symantec.com/content/dam/symantec/docs/about/2017-ncsir-global-results-en.pdf

30.

Taormina, R., Galelli, S., Tippenhauer, N.O., Salomons, E., Ostfeld, A.: Characterizing cyber-physical attacks on water distribution systems. J. Water Resour. Plan. Manag. 143(5), 04017009 (2017)CrossRef

31.

Taormina, R., et al.: The battle of the attack detection algorithms: disclosing cyber attacks on water distribution networks. J. Water Resour. Plan. Manag. 144(8), 1–11 (2018)CrossRef

32.

UC Irvine: Machine learning repository (2007). https://archive.ics.uci.edu/ml/index.php

33.

Weinberger, S.: Computer security: is this the start of cyberwarfare? Nature 174, 142–145 (2011)CrossRef

Titel: Using Datasets from Industrial Control Systems for Cyber Security Research and Education
verfasst von: Qin Lin
Sicco Verwer
Robert Kooij
Aditya Mathur
Verlag: Springer International Publishing
Buch: Critical Information Infrastructures Security
Print ISBN: 978-3-030-37669-7

Electronic ISBN: 978-3-030-37670-3

Copyright-Jahr: 2020
DOI: https://doi.org/10.1007/978-3-030-37670-3_10

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner