![REFERENCES
[1] F. Zhang, H. A. D. E. Kodituwakku, J. W. Hines, and J. Coble,“Multilayer Data-Driven Cyber-Attack Detection System for Industrial Control Systems Based on
Network, System, and Process Data,” IEEE Transactions on Industrial Informatics, vol. 15, no. 7, pp. 4362–4369,2019.
[2] R. Ma, P. Cheng, Z. Zhang, W. Liu, Q. Wang, and Q. Wei, “Stealthy Attack Against Redundant Controller Architecture of Industrial Cyber-Physical System,” IEEE
Internet of Things Journal, vol. 6, no. 6, pp.9783–9793, 2019.
[3] E. Nakashima, “Foreign hackers targeted U.S. water plant in apparent malicious cyber attack, expert says.” [Online].
Available: https://www.washingtonpost.com/blogs/checkpointwashington/ post/foreign-hackers-broke-into-illinois-water-plant-controlsystem-industry-expert-
says/2011/11/18/gIQAgmTZYN blog.html
[4] G. Falco, C. Caldera, and H. Shrobe, “IIoT Cybersecurity Risk Modeling for SCADA Systems,” IEEE Internet of Things Journal, vol. 5, no. 6,pp. 4486–4495, 2018.](https://image.slidesharecdn.com/towardsdetectioncyberattacksppt1-230613085932-480474a8/85/TOWARDS-DETECTION-CYBER-ATTACKS-PPT-1-pptx-13-320.jpg)
TOWARDS DETECTION CYBER ATTACKS PPT 1.pptx
- 1. TOWARDS DETECTION AND ATTRIBUTION OF CYBER-ATTACKS IN IOT ENABLED CYBER- PHYSICALSYSYTEMS G . A K H I L S A I T. PA L L AV I R . P R AV L I K A B . A R U N K U M A R M . P R U D V I
- 2. TOPICS 1.INTRODUCTION 2.EXISTING SYSTEM 3.PROPOSED SYSYTEM 4.S/W REQUIREMENTS 5.H/W REQUIREMENTS 6.MODULES 7.UML DIAGRAMS 8.SCREENSHOTS 9.CONCLUSIONS 10.REFERNCES
- 3. INTRODUCTION Internet of Things (IoT) devices are increasingly integrated in cyber-physical systems (CPS), including in critical infrastructure sectors such as dams and utility plants. The connection between ICS or IIoT-based systems with public networks, however, increases their attack surfaces and risks of being targeted by cyber criminals Therefore, system-level security methods are necessary to analyze physical behaviour and maintain system operation availability . This reinforces the importance of designing extremely robust safety and security measurements to detect and prevent intrusions targeting ICS
- 4. EXISTING SYSTEM In , ML algorithms, such as K-Nearest Neighbor (KNN), Random Forest (RF), DT, Logistic Regression (LR), ANN, Na¨ıve Bayes (NB), and SVM were compared in terms of their effectiveness in detecting backdoor, command, and SQL injection attacks in water storage systems. The comparative summary suggested that the RF algorithm has the best attack detection, with a recall of 0.9744; the ANN is the fifth-best algorithm, with a recall of 0.8718; and the LR is the worstperforming algorithm, with a recall of 0.4744. Disadvantages 1) The system is implemented by Conventional Machine Learning. 2) The system doesn’t implement Conventional Machine Learning method.
- 5. PROPOSED SYSTEM The proposed attack detection consists of two phases, namely representation learning and detection phase. Using a conventional unsupervised DNN on an imbalanced dataset yielded a DNN model that mainly learned majority class patterns and missed minority class characteristics. Due to the ICS/IIoT systems’ sensitivity, generated samples should be validated in a real network, which is impossible since the generated attack samples may be harmful to the network and cause severe impacts on the environment or human life. In addition, validation of the generated samples is time-consuming. To avoid the above mentioned problems in handling imbalanced datasets, this study proposed a new deep representation learning method to make the DNN able to handle imbalanced datasets without changing, generating, or removing samples. Advantages 1) The proposed two-phase attack detection component has been implemented. 2) Unsupervised models that incorporate process/physical data can complement a system’s monitoring since they do not rely on detailed knowledge of the cyber-threats.
- 6. S/W REQUIREMENT’S Operating System - Windows XP Coding Language - Java/J2EE(JSP,Servlet) Front End - J2EE Back End - MySQL
- 7. H/W REQUIREMENT’S ➢ Processor - Pentium –IV ➢ RAM - 4 GB (min) ➢ Hard Disk - 20 GB ➢ Key Board - Standard Windows Keyboard ➢ Mouse - Two or Three Button Mouse ➢ Monitor - SVGA
- 8. MODULES (1) IOT Server: The IOT Server enormous storage space, and supplies storage services and downloading services for users. In order to improve storage efficiency, the IOT Server performs deduplication for duplicated files. (2) User: The user is divided into two categories. One is the initial user who uploads files that did not exist in the cloud previously. The other one is the subsequent users who upload files that the IOT Sub Server kept. The initial user generates the authenticators for each encrypted file, then uploads the encrypted file, its corresponding authenticators and the file tag to the IOT Server. (3) IOT Sub Server: The IOT SUB SERVER is responsible for helping users generate the file index and the file label with his private key. With the file index, the cloud can verify whether the file uploaded by the user is duplicated or not. With the file label, the user can generate some keys for encryption and authenticator generation.
- 9. UML DIAGRAMS USE CASE CLASS DIAGRAM
- 11. SCREENSHOTS
- 12. CONCLUSION This paper proposed a novel two-stage ensemble deep learning-based attack detection and attack attribution framework for imbalanced ICS data. The attack detection stage uses deep representation learning to map the samples to the new higher dimensional space and applies a DT to detect the attack samples. This stage is robust to imbalanced datasets and capable of detecting previously unseen attacks. The attack attribution stage is an ensemble of several one-vs-all classifiers, each trained on a specific attack attribute. The entire model forms a complex DNN with a partially connected and fully connected component that can accurately attribute cyberattacks, as demonstrated. Despite the complex architecture of the proposed framework, the computational complexity of the training and testing phases are respectively O(n4) and O(n2), (n is the number of training samples), which are similar to those of other DNN-based techniques in the literature. Moreover, the proposed framework can detect and attribute the samples timely with a better recall and f-measure than previous works. Future extension includes the design of a cyber-threat hunting component to facilitate the identification of anomalies invisible to the detection component for example by building a normal profile over the entire system and the assets.
- 13. REFERENCES [1] F. Zhang, H. A. D. E. Kodituwakku, J. W. Hines, and J. Coble,“Multilayer Data-Driven Cyber-Attack Detection System for Industrial Control Systems Based on Network, System, and Process Data,” IEEE Transactions on Industrial Informatics, vol. 15, no. 7, pp. 4362–4369,2019. [2] R. Ma, P. Cheng, Z. Zhang, W. Liu, Q. Wang, and Q. Wei, “Stealthy Attack Against Redundant Controller Architecture of Industrial Cyber-Physical System,” IEEE Internet of Things Journal, vol. 6, no. 6, pp.9783–9793, 2019. [3] E. Nakashima, “Foreign hackers targeted U.S. water plant in apparent malicious cyber attack, expert says.” [Online]. Available: https://www.washingtonpost.com/blogs/checkpointwashington/ post/foreign-hackers-broke-into-illinois-water-plant-controlsystem-industry-expert- says/2011/11/18/gIQAgmTZYN blog.html [4] G. Falco, C. Caldera, and H. Shrobe, “IIoT Cybersecurity Risk Modeling for SCADA Systems,” IEEE Internet of Things Journal, vol. 5, no. 6,pp. 4486–4495, 2018.