SC Logo
IEEE Logo
Logo
IEEE Logo

Machine Learning-Based Network Vulnerability Analysis of Industrial Internet of Things

Published in : IEEE Internet of Things Journal (Volume: 6, Issue: 4, August 2019)
Authors : Maede Zolanvari, Marcio A. Teixeira, Lav Gupta, Khaled M. Khan, Raj Jain
DOI : https://doi.org/10.1109/JIOT.2019.2912022
Summary Contributed by:  Anupama

Industrial control systems (ICS), such as supervisory control and data acquisition (SCADA) systems supervise, interact, and control the equipment, processes, and human-machine interfaces (HMI) in large-scale industrial operations.

The Industrial Internet of Things (IIoT) integrates SCADA systems with the Internet of Things (IoT) to further enhance industrial process optimization and automation. However, integrating internet communications makes any system even more susceptible to external malicious attacks like hacking and data theft. The sensitive nature of most industrial applications makes data safety and security a major concern.

The researchers present a detailed study of the four most popular data transmission protocols used in SCADA-IIoT systems. The open-sourced protocols Modbus communications, Building Automation and Control Network (BACnet), Distributed Network Protocol version 3 (DNP3), and Message Queuing Telemetry Transport (MQTT) were evaluated for their vulnerability against cyberattacks.

The risk assessment of any communication protocol can be based on its confidentiality (message encryption), integrity (security check mechanism), and availability (data overflow) traits. The systems employ security controls like authentication, authorization, and accountability to safeguard their traits. The study found that existing SCADA-IIoT systems were vulnerable in all these security aspects.

Various intrusion detection systems (IDS) have been widely used as security mechanisms to counter malicious attacks. IDS based on Machine-learning (ML) algorithms are preferred due to their ability to detect even minor anomalies and accurately identify malignant data, commands, and/or unauthorized users.

The researchers further presented a case study on the efficacy of a machine learning (ML)-based intrusion detection system (IDS) against cyber-attacks on IIoT systems.

A testbed resembling a real industrial plant was developed in-house to simulate cyberattacks and collect realistic datasets that reflect both the normal and attack traffic in industrial networks. Due to industrial confidentiality and privacy concerns, the researchers have selected non-specific commercial or public datasets for training.

An IIoT system in a water treatment and distribution process in industrial reservoirs was used as a testbed. The experiment system employed the Kali Linux Penetration Testing Distribution module to simulate backdoorStructured Query Language (SQL) injection, and command injection cyberattacks.

The integrity of any SCADA system can be compromised by code injection, where the intruder injects malicious data into the system to control or compromise the database server. Similarly, an attacker can gain control of the system via a backdoor installation, circumventing the authentication process.

For the training of the ML model, the researchers selected the salient features distinguishing the attack traffic from the normal. The values of each feature are permuted randomly, creating new datasets to train the ML algorithms. The prototype employed and assessed ML algorithms like random forest (RF), naive Bayes (NB), support vector machines (SVMs), and logistic regression (LR). The evaluation was represented as a performance matrix based on parameters like accuracy, false negative rate, undetected rate, sensitivity, etc.

The study showcased the capability of the proposed ML-based anomaly detection system to handle potentially malicious cyberattacks successfully. In the future, a hybrid model can be designed with multiple algorithms to decrease the number of false negatives and achieve better performance.

A non-profit organization, IEEE is the world's largest technical professional organization dedicated to advancing technology for the benefit of humanity.
Copyright 2023 IEEE – All rights reserved. Use of this website signifies your agreement to the IEEE Terms and Conditions
This site is also available on your smartphone.