Authors: Sabev E., Trifonov, R. I.

Title: Analyzing Attacks on ICS/SCADA Wind Farm Physical Testbed with ML

Keywords:

Abstract: The use of Supervisory Control and Data Acquisition (SCADA) systems in wind farms has increased significantly in recent years. These SCADA systems are vulnerable to cyberattacks, which can lead to loss of integrity and availability of the device resources and to financial losses. In this research, we have analyzed the effectiveness of machine learning techniques in detecting and mitigating cyberattacks on a physical wind testbed. A dataset with simulated attacks on a physical wind testbed created by us is used. The dataset consists of network traffic, sensor readings, and control commands. To classify the attacks and measure their accuracy, multiple machine learning algorithms are trained on this dataset, including but not limited to deep neural networks (DNN), random forest classifier (RFC), decision tree classifier (DTC) and support vector machines (SVM). The outcomes of this research offer valuable insights into improving cybersecurity measures and resiliency for wind testbeds and other critical infrastructure systems.
Issue: AIP Conference Proceedings, vol. 3063, 2024, https://doi.org/10.1063/5.0196300