As industrial control systems are connected to networks, they are exposed to more security threats. Rule-based detection has been adopted to cope with cyber attacks, but it faces limitations as attacks become more sophisticated. Intrusion Detection Systems (IDS) have therefore been deployed in practice, but existing IDS primarily use packet header information to perform traffic flow detection. Such IDS are problematic because they do not properly detect packet deformation.
To solve this problem, we propose using the packet payload in the IDS to respond to a variety of attacks while achieving high performance. We use Convolutional Neural Network (CNN) models, a type of deep neural network known to work well for image classification. To fit the input of a CNN, the packet payload must be converted into a corresponding image. To do so, we develop two preprocessing methods, padding-based and filter-based, and also use the existing histogram-based method. We further combine N-grams with these preprocessing methods to enhance performance.
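One way to read the padding-based and histogram-plus-N-gram conversions described above, as an added example that is not the authors' code. The image size, zero padding, the choice of N=2, all function names and the sample bytes are assumptions; the filter-based method is not shown because the abstract does not describe it.

```python
from collections import Counter

def pad_to_image(payload: bytes, side: int = 16) -> list:
    """Padding-based: cut or zero-pad to side*side bytes, reshape, scale to [0, 1]."""
    n = side * side
    # Assumption: long payloads are truncated, short ones are zero-padded.
    buf = payload[:n].ljust(n, b"\x00")
    return [[buf[r * side + c] / 255.0 for c in range(side)] for r in range(side)]

def bigram_histogram_image(payload: bytes) -> list:
    """Histogram with N-gram (N=2 assumed): cell [a][b] is the relative
    frequency of byte a immediately followed by byte b."""
    img = [[0.0] * 256 for _ in range(256)]
    pairs = Counter(zip(payload, payload[1:]))
    total = sum(pairs.values())
    for (a, b), count in pairs.items():
        img[a][b] = count / total
    return img  # stays all zeros for payloads shorter than two bytes

def changed_cells(img_a: list, img_b: list) -> list:
    """Coordinates of pixels that differ between two images of the same shape."""
    return [(r, c) for r, row in enumerate(img_a)
            for c, v in enumerate(row) if v != img_b[r][c]]

# Constructed sample payloads (not from the paper): 12 bytes in a
# Modbus/TCP-like layout, and a copy with one byte altered to stand in
# for a modified packet whose header fields are unchanged.
NORMAL = bytes.fromhex("000100000006010300000002")
MODIFIED = bytes.fromhex("000100000006011000000002")

if __name__ == "__main__":
    a, b = pad_to_image(NORMAL, side=4), pad_to_image(MODIFIED, side=4)
    print("padded image:", a)
    print("pixels changed by the modification:", changed_cells(a, b))
    ha, hb = bigram_histogram_image(NORMAL), bigram_histogram_image(MODIFIED)
    print("bigram cells changed:", changed_cells(ha, hb))
```

The padded image keeps byte positions, so a single altered byte moves exactly one pixel; the bigram histogram discards position but spreads the same change over the cells for every byte pair that includes the altered byte.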
We also propose detection models that detect both packet modification and traffic flow by inspecting each packet and a sequence of packets. For this, we generate abnormal data to address the data imbalance that arises without abnormal traffic during learning and testing. To verify the effectiveness of the proposed methods, the packet detection and sequence detection models are compared and analyzed in terms of detection accuracy. For the evaluation, cross-verification is conducted to increase the reliability of the statistics.