Detection Anomaly of Network Datasets with Honeypots at Industrial Control System
محورهای موضوعی : journal of Artificial Intelligence in Electrical Engineering
Abbasgholi pashaei
1
(Department of Electrical Engineering, Ahar Branch, Islamic Azad University, Ahar, Iran)
Mohammad Esmaeil akbari
2
(Department of Electrical Engineering, Ahar Branch, Islamic Azad University, Ahar, Iran)
mina zolfy
3
(Department of Electrical and Computer Engineering Faculty, Tabriz University, Tabriz, Iran)
Asghar charmin
4
(Electrical Engineering, Islamic Azad University, Ahar Branch, Ahar, Iran)
کلید واژه: Machine Learning, Honeypot, Intrusion Detection System, Anomaly detection,
چکیده مقاله :
:Thedevelopment of ICS 4.0 industry-specific cybersecurity mechanisms can reduce the vulnerability of systems to fire, explosion, human accidents, environmentaldamage, and financial loss. Honeypots are computer systems that are deployed expressly to trick attackers into thinking they are real computers. Given that vulnerabilities are the points of penetration into industrial systems, and using these weaknesses, threats are organized, and intrusion into industrial systems occurs. As a result, to learn about an attacker's behavior, tactics, strategies, and signatures, the EIDS is used to collect information on cyber-attacks, proving it to be a more helpful tool than earlier traditional ways. Attacks collected by honeypot software expose the attackers' source IP addresses as well as the target host that became a victim of the assaults. This paper proposes a novel Honeypot enhanced industrial Early Intrusion Detection System (EIDS) using Machine Learning (ML). The performance of EIDS is evaluated with ML, and the experimental results show that the proposed EIDS detects anomalous behavior of the data with a high detection rate, low false positives, and better classification accuracy.