Machine Learning Algorithms for Identifying Dependencies in OT Protocols
This study illustrates the utility and effectiveness of machine learning algorithms in identifying dependencies in data transmitted in industrial networks. The analysis was performed for two different algorithms. The study was carried out for the XGBoost (Extreme Gradient Boosting) algorithm based o...
| Main Authors: | , , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
MDPI AG
2023-05-01
|
| Series: | Energies |
| Subjects: | |
| Online Access: | https://www.mdpi.com/1996-1073/16/10/4056 |
| _version_ | 1797600377492733952 |
|---|---|
| author | Milosz Smolarczyk Jakub Pawluk Alicja Kotyla Sebastian Plamowski Katarzyna Kaminska Krzysztof Szczypiorski |
| author_facet | Milosz Smolarczyk Jakub Pawluk Alicja Kotyla Sebastian Plamowski Katarzyna Kaminska Krzysztof Szczypiorski |
| author_sort | Milosz Smolarczyk |
| collection | DOAJ |
| description | This study illustrates the utility and effectiveness of machine learning algorithms in identifying dependencies in data transmitted in industrial networks. The analysis was performed for two different algorithms. The study was carried out for the XGBoost (Extreme Gradient Boosting) algorithm based on a set of decision tree model classifiers, and the second algorithm tested was the EBM (Explainable Boosting Machines), which belongs to the class of Generalized Additive Models (GAM). Tests were conducted for several test scenarios. Simulated data from static equations were used, as were data from a simulator described by dynamic differential equations, and the final one used data from an actual physical laboratory bench connected via Modbus TCP/IP. Experimental results of both techniques are presented, thus demonstrating the effectiveness of the algorithms. The results show the strength of the algorithms studied, especially against static data. For dynamic data, the results are worse, but still at a level that allows using the researched methods to identify dependencies. The algorithms presented in this paper were used as a passive protection layer of a commercial IDS (Intrusion Detection System). |
| first_indexed | 2024-03-11T03:47:16Z |
| format | Article |
| id | doaj.art-f10598681c4549079aa67cec0c7a7cf6 |
| institution | Directory Open Access Journal |
| issn | 1996-1073 |
| language | English |
| last_indexed | 2024-03-11T03:47:16Z |
| publishDate | 2023-05-01 |
| publisher | MDPI AG |
| record_format | Article |
| series | Energies |
| spelling | doaj.art-f10598681c4549079aa67cec0c7a7cf62023-11-18T01:12:15ZengMDPI AGEnergies1996-10732023-05-011610405610.3390/en16104056Machine Learning Algorithms for Identifying Dependencies in OT ProtocolsMilosz Smolarczyk0Jakub Pawluk1Alicja Kotyla2Sebastian Plamowski3Katarzyna Kaminska4Krzysztof Szczypiorski5Research & Development Department, Cryptomage LLC, St. Petersburg, FL 33702, USAResearch & Development Department, Cryptomage SA, 50-556 Wrocław, PolandResearch & Development Department, Cryptomage SA, 50-556 Wrocław, PolandInstitute of Control and Computation Engineering, Warsaw University of Technology, 00-661 Warsaw, PolandResearch & Development Department, Cryptomage SA, 50-556 Wrocław, PolandResearch & Development Department, Cryptomage SA, 50-556 Wrocław, PolandThis study illustrates the utility and effectiveness of machine learning algorithms in identifying dependencies in data transmitted in industrial networks. The analysis was performed for two different algorithms. The study was carried out for the XGBoost (Extreme Gradient Boosting) algorithm based on a set of decision tree model classifiers, and the second algorithm tested was the EBM (Explainable Boosting Machines), which belongs to the class of Generalized Additive Models (GAM). Tests were conducted for several test scenarios. Simulated data from static equations were used, as were data from a simulator described by dynamic differential equations, and the final one used data from an actual physical laboratory bench connected via Modbus TCP/IP. Experimental results of both techniques are presented, thus demonstrating the effectiveness of the algorithms. The results show the strength of the algorithms studied, especially against static data. For dynamic data, the results are worse, but still at a level that allows using the researched methods to identify dependencies. The algorithms presented in this paper were used as a passive protection layer of a commercial IDS (Intrusion Detection System).https://www.mdpi.com/1996-1073/16/10/4056cybersecuritymachine learningXGBoostEBMGAMModbus TCP/IP |
| spellingShingle | Milosz Smolarczyk Jakub Pawluk Alicja Kotyla Sebastian Plamowski Katarzyna Kaminska Krzysztof Szczypiorski Machine Learning Algorithms for Identifying Dependencies in OT Protocols Energies cybersecurity machine learning XGBoost EBM GAM Modbus TCP/IP |
| title | Machine Learning Algorithms for Identifying Dependencies in OT Protocols |
| title_full | Machine Learning Algorithms for Identifying Dependencies in OT Protocols |
| title_fullStr | Machine Learning Algorithms for Identifying Dependencies in OT Protocols |
| title_full_unstemmed | Machine Learning Algorithms for Identifying Dependencies in OT Protocols |
| title_short | Machine Learning Algorithms for Identifying Dependencies in OT Protocols |
| title_sort | machine learning algorithms for identifying dependencies in ot protocols |
| topic | cybersecurity machine learning XGBoost EBM GAM Modbus TCP/IP |
| url | https://www.mdpi.com/1996-1073/16/10/4056 |
| work_keys_str_mv | AT miloszsmolarczyk machinelearningalgorithmsforidentifyingdependenciesinotprotocols AT jakubpawluk machinelearningalgorithmsforidentifyingdependenciesinotprotocols AT alicjakotyla machinelearningalgorithmsforidentifyingdependenciesinotprotocols AT sebastianplamowski machinelearningalgorithmsforidentifyingdependenciesinotprotocols AT katarzynakaminska machinelearningalgorithmsforidentifyingdependenciesinotprotocols AT krzysztofszczypiorski machinelearningalgorithmsforidentifyingdependenciesinotprotocols |