Abstract
In industrial control systems (ICSs), intrusion detection is a vital task. Conventional intrusion detection systems (IDSs) rely on manually designed rules. These rules heavily depend on professional experience, thereby making it challenging to represent the increasingly complicated industrial control logic. Although deep learning-based approaches provide better accuracy than other methods, they can only provide alerts. However, they cannot provide administrators with detailed information. In this study, we propose the logic understanding IDS (LU-IDS), which is a rule-based IDS with in-depth understandings of industrial control logic. Our proposed LU-IDS uses a specially designed deep learning-based model to capture features automatically and carry out attack classification. More importantly, it analyzes the knowledge learned from the classification of attacks to understand the abnormal industrial control logic and generate rules. The experimental results indicate that our proposed LU-IDS demonstrates excellent performance on intrusion detection. The rules generated by our proposed LU-IDS can be used to successfully detect all types of attacks on two public datasets.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
