Speaker
Description
Real-time cybersecurity of critical infrastructures
that include multiple networked automation systems represents
an important challenge for the assurance of modern societal
functions. In particular, water supply and treatment facilities
have to operate at high availability and efficiency parameters,
with direct impact on public health in the case of performance
degradation or unscheduled downtime due to network attacks.
We present a machine learning (ML)-based approach to detect
malicious activities in operational control networks of water
utilities. The system accounts for the particularities of the industrial
communication protocols used for process control of this critical
sector and presents a comparison between enhanced random
forest models (XGBoost), hybrid neural network architectures
(CNN-MLP) and logistic regression as a reference baseline model.
Binary classification results, evaluated on the popular SWaT
dataset, show that ML methods can extend intrusion detection
system capabilities for accurate attack detection.