Detection Anomaly of Network Datasets with Honeypots at Industrial Control System
Subject Areas : journal of Artificial Intelligence in Electrical EngineeringAbbasgholi pashaei 1 , Mohammad Esmaeil akbari 2 , mina zolfy 3 , Asghar charmin 4
1 - Department of Electrical Engineering, Ahar Branch, Islamic Azad University, Ahar, Iran
2 - Department of Electrical Engineering, Ahar Branch, Islamic Azad University, Ahar, Iran
3 - Department of Electrical and Computer Engineering Faculty, Tabriz University, Tabriz, Iran
4 - Electrical Engineering, Islamic Azad University, Ahar Branch, Ahar, Iran
Keywords: Machine Learning, Honeypot, Intrusion Detection System, Anomaly detection,
Abstract :
:Thedevelopment of ICS 4.0 industry-specific cybersecurity mechanisms can reduce the vulnerability of systems to fire, explosion, human accidents, environmentaldamage, and financial loss. Honeypots are computer systems that are deployed expressly to trick attackers into thinking they are real computers. Given that vulnerabilities are the points of penetration into industrial systems, and using these weaknesses, threats are organized, and intrusion into industrial systems occurs. As a result, to learn about an attacker's behavior, tactics, strategies, and signatures, the EIDS is used to collect information on cyber-attacks, proving it to be a more helpful tool than earlier traditional ways. Attacks collected by honeypot software expose the attackers' source IP addresses as well as the target host that became a victim of the assaults. This paper proposes a novel Honeypot enhanced industrial Early Intrusion Detection System (EIDS) using Machine Learning (ML). The performance of EIDS is evaluated with ML, and the experimental results show that the proposed EIDS detects anomalous behavior of the data with a high detection rate, low false positives, and better classification accuracy.