Recent incidents have shown that Industrial Control Systems (ICS) are becoming increasingly susceptible to sophisticated and targeted attacks initiated by adversaries with high motivation, domain knowledge, resources. Although traditional security mechanisms can be implemented at the IT-infrastructure level of such cyber-physical systems, community has acknowledged it is imperative also monitor process-level activity, as on ICS may very well influence physical process. In this paper, we...

Nowadays, vehicles have complex in-vehicle networks (IVNs) with millions of lines code controlling almost every function in the vehicle including safety-critical functions. It has recently been shown that IVNs are becoming increasingly vulnerable to cyber-attacks capable taking control vehicles, thereby threatening safety passengers. Several countermeasures proposed literature response arising threats, however, hurdle requirements imposed by industry is hindering their adoption practice. In...

Process-aware attack detection plays a key role in securing cyber-physical systems. A process-aware system (PADS) identifies baseline behaviour of the physical process systems and continuously attempts to detect deviations from attributed malicious modifications operation. Typically, PADS triggers an alarm whenever score crosses fixed predetermined threshold. In this paper, we argue that context systems, relying on single threshold can undermine effectiveness PADS, propose context-aware...

Much research effort has recently been devoted to securing Industrial Control Systems (ICS) in response the increasing number of adverse incidents targeting nation-wide critical infrastructures. Leveraging static and regular nature behavior control systems, various data-driven methods that monitor process-level network have proposed as a defensive measure. Although these evaluated through offline analysis ICS-related datasets, absence documented live experiments real environments, complete...

Incorporating information and communication technology in the operation of electricity grid is undoubtedly contributing to a more cost-efficient, controllable, flexible power grid. Although this promoting flexibility convenience, its integration with rendering critical infrastructure inherently vulnerable cyberattacks that have potential cause large-scale far-reaching damage. In light growing need for resilient smart grid, developing suitable security mechanisms has become pressing matter....

One of the main tasks sought after with machine learning is classification. Support vector machines are one widely used algorithms for data SVMs by default binary classifiers, extending them to multi-class classifiers a challenging on-going research problem. In this paper, we propose new approach constructing classification function, where structure and properties support vectors exploited without altering training procedure. Our contribution based on insight that not restricted using...

With their inherent convenience factor, Internet of Things (IoT) devices have exploded in numbers during the last decade, but at cost security. Machine learning (ML) based intrusion detection systems (IDS) are increasingly proving necessary tools for attack detection, requirements such as extensive data collection and model training make these computationally heavy resource-limited IoT hardware. This paper's main contribution to cyber security research field is a demonstration how dynamic...

Process-level detection of cyberattacks on industrial control systems pertain to observing the physical process detect implausible behavior. State-of-the-art techniques identify a baseline normal behavior from historical measurements and then monitor system operation in real time deviations baseline. Evidently, these are intended be connected flow able acquire analyze necessary measurement data, which makes them susceptible compromise by attacker. In this paper, we approach process-level...

Nowadays, vehicles have complex in-vehicle networks that recently been shown to be increasingly vulnerable cyber-attacks capable of taking control the vehicles, thereby threatening safety passengers. Several countermeasures proposed in literature response arising threats, however, hurdle requirements imposed by industry is hindering their adoption practice. In this paper, we propose spectra, a data-driven anomaly-detection mechanism based on spectral analysis CAN-message payloads. Spectra...