Intrusion Detection and Identification using Tree-Based Machine Learning Algorithms on DCS Network in the Oil Refinery

Kyoung HO Kim, Byung Il Kwak, Mee Lan Han, Huy Kang Kim

Research output: Contribution to journal › Article › peer-review

Abstract

Recently, Critical Infrastructures (CI) such as energy, power, transportation, and communication have come to be increasingly dependent on advanced information and communication technology (ICT). This change has increased the connection between the Industrial Control System (ICS) supporting the CI and the Internet, resulting in an increase in security threats and allowing a malicious attacker to manipulate and control the ICS arbitrarily. On the other hand, ICS operators are reluctant to install security systems for fear of adverse effects on normal operations due to system changes. Therefore, new research is needed to detect anomalies quickly and identify attack types while ensuring the high availability of ICS. This study proposes a host-based method, based on tree-based machine learning algorithms, to detect and identify abnormalities in an Oil Refinery's Distributed Control System (DCS) network using DCS vendor-proprietary protocols. The results demonstrate that the proposed method can effectively detect an abnormality with the eXtreme Gradient Boosting (XGB) classifier, with up to 99% accuracy. Taken together, the results of this study contribute to the accurate detection of abnormal events and identification of attack types on the network without disrupting the normal operation of the DCS in the Oil Refinery.

Original language: English
Journal: IEEE Transactions on Power Systems
Publication status: Accepted/In press - 2022

Keywords

  • Attack Identification
  • Distributed Control System
  • Industrial Control System
  • Integrated circuits
  • Intrusion Detection
  • Process control
  • Protocols
  • Security
  • Sensor systems
  • Servers
  • Workstations

ASJC Scopus subject areas

  • Energy Engineering and Power Technology
  • Electrical and Electronic Engineering
