Adversarial attacks on machine learning cybersecurity defences in Industrial Control Systems

Anthi, Eirini; Williams, Lowri; Rhode, Matilda; Burnap, Pete; Wedgbury, Adam

doi:10.1016/j.jisa.2020.102717

Cited by 91 publications

(55 citation statements)

References 14 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Further cyber risk assessment challenges emerge from compiling of connected systems, devices and platforms [9]. This creates cyber risk (e.g., from data in transit) [10] and requires standardisation of processes [11]. We combine literature analysis on these topics, with epistemological analysis to uncover the best method to define a risk assessment for IoT cyber risk.…”

Section: Methodsmentioning

confidence: 99%

Epistemological Equation for Analysing Uncontrollable States in Complex Systems: Quantifying Cyber Risks from the Internet of Things

Radanliev

Roure

Burnap

et al. 2021

Rev Socionetwork Strat

Self Cite

View full text Add to dashboard Cite

The Internet-of-Things (IoT) triggers data protection questions and new types of cyber risks. Cyber risk regulations for the IoT, however, are still in their infancy. This is concerning, because companies integrating IoT devices and services need to perform a self-assessment of its IoT cyber security posture. At present, there are no self-assessment methods for quantifying IoT cyber risk posture. It is considered that IoT represent a complex system with too many uncontrollable risk states for quantitative risk assessment. To enable quantitative risk assessment of uncontrollable risk states in complex and coupled IoT systems, a new epistemological equation is designed and tested though comparative and empirical analysis. The comparative analysis is conducted on national digital strategies, followed by an empirical analysis of cyber risk assessment approaches. The results from the analysis present the current and a target state for IoT systems, followed by a transformation roadmap, describing how IoT systems can achieve the target state with a new epistemological analysis model. The new epistemological analysis approach enables the assessment of uncontrollable risk states in complex IoT systems—which begin to resemble artificial intelligence—and can be used for a quantitative self-assessment of IoT cyber risk posture.

show abstract

Section: Methodsmentioning

confidence: 99%

Epistemological Equation for Analysing Uncontrollable States in Complex Systems: Quantifying Cyber Risks from the Internet of Things

Radanliev

Roure

Burnap

et al. 2021

Rev Socionetwork Strat

Self Cite

View full text Add to dashboard Cite

show abstract

“…With the increased use of ML in Intrusion Detection Systems (IDS) and IDPS systems within cyber security packages of SME communities, there suddenly lies the introduction of a new type of attack called Adversarial Machine Learning (AML) [ 1 ]. In a paper by Anthi et al [ 17 ] states that with the introduction of ML IDSs, comes the creation of additional attack vectors specifically trying to break the ML algorithms and causing a bypass to these IDS and IDPS systems. This causes the learning models of ML algorithms subject to cyber-attacks, often referred to as AML.…”

Section: Cybersecuritymentioning

confidence: 99%

“…These AMLs are thought to be detrimental as they can cause further delayed attack detection which could result in infrastructure damages, financial loss, and even loss of life. As [ 17 ] suggests, the emergence of Industrial Control Systems (ICS) plays a critical part on national infrastructure such as manufacturing, power/smart grids, water treatment plants, gas and oil refineries, and health-care. With ICS becoming more integrated and connected to the internet, the degree of remote access and monitoring functionalities increases thus becoming a vulnerable point target for cyber war.…”

Section: Cybersecuritymentioning

confidence: 99%

Cybersecurity, Data Privacy and Blockchain: A Review

et al. 2022

View full text Add to dashboard Cite

In this paper, we identify and review key challenges to bridge the knowledge-gap between SME’s, companies, organisations, businesses, government institutions and the general public in adopting, promoting and utilising Blockchain technology. The challenges indicated are Cybersecurity and Data privacy in this instance. Additional challenges are set out supported by literature, in researching data security management systems and legal frameworks to ascertaining the types and varieties of valid encryption, data acquisition, policy and outcomes under ISO 27001 and the General Data Protection Regulations. Blockchain, a revolutionary method of storage and immutability, provides a robust storage strategy, and when coupled with a Smart Contract, gives users the ability to form partnerships, share information and consent via a legally-based system of carrying out business transactions in a secure digital domain. Globally, ethical and legal challenges significantly differ; consent and trust in the public and private sectors in deploying such defensive data management strategies, is directly related to the accountability and transparency systems in place to deliver certainty and justice. Therefore, investment and research in these areas is crucial to establishing a dialogue between nations to include health, finance and market strategies that should encompass all levels of society. A framework is proposed with elements to include Big Data, Machine Learning and Visualisation methods and techniques. Through the literature we identify a system necessary in carrying out experiments to detect, capture, process and store data. This includes isolating packet data to inform levels of Cybersecurity and privacy-related activities, and ensuring transparency demonstrated in a secure, smart and effective manner.

show abstract

“…The authors in [20] explore the consequences of adversarial attacks and show how adversarial training can support the robustness of supervised models. They use confusion matrices and classification performance of J48 and Random Forest models trained on adversarial samples generated.…”

Section: Related Workmentioning

confidence: 99%

“…They use confusion matrices and classification performance of J48 and Random Forest models trained on adversarial samples generated. Notably, [20] addresses the unique challenges of implementing adversarial attacks in the cybersecurity domain. Although the paper discusses the FGSM attack, unlike our proposal, it does not use CNN.…”

Section: Related Workmentioning

confidence: 99%

Addressing Adversarial Machine Learning Attacks in Smart Healthcare Perspectives

Arawinkumaar¹,

Pal²,

Jadidi³

2021

Preprint

View full text Add to dashboard Cite

Smart healthcare systems are gaining popularity with the rapid development of intelligent sensors, the Internet of Things (IoT) applications and services, and wireless communications. However, at the same time, several vulnerabilities and adversarial attacks make it challenging for a safe and secure smart healthcare system from a security point of view. Machine learning has been used widely to develop suitable models to predict and mitigate attacks. Still, the attacks could trick the machine learning models and misclassify outputs generated by the model. As a result, it leads to incorrect decisions, for example, false disease detection and wrong treatment plans for patients. In this paper, we address the type of adversarial attacks and their impact on smart healthcare systems. We propose a model to examine how adversarial attacks impact machine learning classifiers. To test the model, we use a medical image dataset. Our model can classify medical images with high accuracy. We then attacked the model with a Fast Gradient Method Sign attack (FGSM) to cause the model to predict the images and misclassify them inaccurately. Using transfer learning, we train a VGG-19 model with the medical dataset and later implement the FGSM to the Convolutional Neural Network (CNN) to examine the significant impact it causes on the performance and accuracy of the machine learning model. Our results demonstrate that the adversarial attack misclassifies the images, causing the model's accuracy rate to drop from 88% to 11%.

show abstract

Adversarial attacks on machine learning cybersecurity defences in Industrial Control Systems

Cited by 91 publications

References 14 publications

Epistemological Equation for Analysing Uncontrollable States in Complex Systems: Quantifying Cyber Risks from the Internet of Things

Epistemological Equation for Analysing Uncontrollable States in Complex Systems: Quantifying Cyber Risks from the Internet of Things

Cybersecurity, Data Privacy and Blockchain: A Review

Addressing Adversarial Machine Learning Attacks in Smart Healthcare Perspectives

Contact Info

Product

Resources

About