Machine Learning-Based Early Intrusion Detection System in Industrial LAN Networks Using Honeypots

Author: Abbasgholi Pashaei, Mohammad Esmaeil Esmaeil Akbari, Mina Zolfy Lighvan, Asghar Charmin
Year of publication: 2021
DOI: 10.21203/rs.3.rs-1122586/v1
Description: The emergence of industrial cyberinfrastructures, the development of information communication technology in industrial fields, and the remote accessibility of automated Industrial Control Systems (ICS) lead to various cyberattacks on industrial networks and Supervisory Control and Data Acquisition (SCADA) networks. The development of ICS industry-specific cybersecurity mechanisms can reduce the vulnerability of systems to fire, explosion, human accidents, environmental damage, and financial loss. Vulnerabilities are the points of penetration into industrial systems: threats are organized around these weaknesses, and intrusion into industrial systems occurs through them. Thus, it is essential to continuously improve the security of the networks of industrial control facilities. Traditional intrusion detection systems have been shown to be sluggish and prone to false positives. As a result, these algorithms' performance and speed must be improved. This paper proposes a novel Honeypot-enhanced industrial Early Intrusion Detection System (EIDS) incorporating Machine Learning (ML) algorithms. The proposed scheme collects data from all sensors of the Honeypot and industrial devices in the industrial control network, stores it in the EIDS database, and analyses it using expert ML algorithms. The designed system for early intrusion detection can protect industrial systems against vulnerabilities by alerting in the shortest possible time using online data mining in the EIDS database. The results show that the proposed EIDS detects anomalous behavior of the data with a high detection rate, low false positives, and better classification accuracy.
Database: OpenAIRE