Gopalakrishnan, Shreevanth;
Tuptuk, Nilufer;
Hailes, Stephen;
(2023)
Machine Learning-based Intrusion Detection Systems: Deployment Guidelines for Industry.
PETRAS National Centre of Excellence for IoT Systems Cybersecurity: London, UK.
Preview |
Text
Machine-Learning-based-Intrusion-Detection-Systems-compressed.pdf - Published Version Download (1MB) | Preview |
Abstract
Industrial Control Systems (ICS) are increasingly becoming the subject of high-profile attacks. The motivations for these attacks can range from disgruntled employees, financial, socio-political, military advantage, and corporate advantage, amongst others. Historically, intrusion detection systems (IDS) have not been widely used to protect ICS. For years, security for ICS was achieved through obscurity and isolation due to wide use of legacy systems that were not connected to wider networks and use of proprietary communication protocols. However, to improve cost-efficiency and productivity, ICS are becoming more connected to other systems via open communication protocols and use of smart devices such as Internet of Things (IoT). This new design has made securing ICS more challenging, and in need of security tools and techniques to increase visibility and protect against evolving threats. In the coming decade, due to increasing sophistication of attackers and their attack methods, it is critical that security measures also advance and have the ability to accurately detect and prevent threats. Machine Learning (ML) is one such promising technology. ML systems can be trained to automatically learn patterns of behaviour directly from network and/or physical data to detect malicious activity, and optionally, faults, and then deploy them to make inferences about new patterns in service. While the use of ML has advantages such as faster creation of attack detection models, building and deploying ML systems have significant challenges. This report aims to prepare ICS end-users to have technical discussions and make informed decisions about creating and deploying ML-based IDS into a business. There is also guidance on which detection tools to choose from in the presence of a plethora of commercial and open-source options.
| Type: | Report |
|---|---|
| Title: | Machine Learning-based Intrusion Detection Systems: Deployment Guidelines for Industry |
| Open access status: | An open access version is available from UCL Discovery |
| DOI: | 10.14324/000.rp.10190465 |
| Publisher version: | https://petras-iot.org/ |
| Language: | English |
| UCL classification: | UCL UCL > Provost and Vice Provost Offices > UCL BEAMS UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science > Dept of Computer Science |
| URI: | https://discovery.ucl.ac.uk/id/eprint/10190465 |
Archive Staff Only
 |
View Item |
