Presented by: Qaisar Ayub, M. Faisal
Registration #: CIIT/SP21-REE-012/ISB, CIIT/SP21-REE-006/ISB
Introduction
Focus of work
Proposed work
Literature Review
Problem Statement
Conclusion
Introduction (1/3)
The cyber security literature has not taken into account the specific features
and needs of Industrial Control Systems (ICS) and Supervisory Control And
Data Acquisition (SCADA) systems.
These systems are widely used in industries from different sectors (energy, oil &
gas, automated manufacturing, water treatment, chemical, pharmaceutical, etc.)
to control, monitor and execute operations related to physical processes.
ICS/SCADA systems are prone to malfunction when methodologies and tools
widely used in IT environments are run on control networks. The potential
impact is significant, since incorrect operation of these devices can
negatively affect the physical environment in which these systems operate.
Industrial Control Systems (ICSs) are becoming more and more important in
managing the operation of many important systems in smart manufacturing,
such as power stations, water supply systems, and manufacturing sites.
Introduction (2/3)
Anomaly detection
Anomaly detection is the identification of rare events, items, or observations which
are suspicious because they differ significantly from standard behaviors or
patterns. Anomalies in data are also called standard deviations, outliers, noise,
novelties, and exceptions.
Security logs
Log files are detailed, text-based records of events within an organization's IT
systems. They are generated by a wide variety of devices and applications, among
them antimalware, system utilities, firewalls, intrusion detection and prevention
systems, servers, workstations and networking equipment.
Focus of work
Proposed work
We use the same method, “Anomaly Detection using Hybrid LSTM – based
Autoencoder OCSVM Model”, as implemented in the paper, but with a data set
that is different from the one in the author's proposed work.
We download the dataset from Kaggle [1].
[1] https://www.kaggle.com/icsdataset
Literature Review (1/1)
Literature Review (1/3)
LSTM Auto-encoder:
LSTM Auto-encoder refers to an Auto-encoder network that applies LSTM for both
parts of the encoder and decoder. The objective of the auto-encoder is to learn a
compressed representation for the input using encoding and decoding. More
specifically, in an Auto-encoder network, the input is compressed in the encoder
part into the code, and then it is reconstructed by decompressing the code in the
decoder part.
By using the LSTM cell for both the encoder and decoder, the LSTM Auto-encoder
benefits from both models: it outperforms the regular auto-encoder in dealing
with input sequences.
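The encode, compress and reconstruct idea described above, as an added example that is not code from this presentation or from the referenced paper: an encoder/decoder is trained on benign sensor windows only, and a window is flagged when its reconstruction error is far above anything seen in training. Assumptions: a linear encoder/decoder stands in for the LSTM cells, a fixed error threshold stands in for the OCSVM stage, and the sensor trace, WIN, CODE and the threshold factor are constructed for illustration.

```python
import math
import random

WIN, CODE = 8, 2  # assumed window length and code size

def trace(start, n, rng):
    """Constructed benign sensor trace: periodic process value plus small noise."""
    return [math.sin(0.4 * t) + rng.uniform(-0.02, 0.02) for t in range(start, start + n)]

def windows(signal):
    """Slice a trace into overlapping windows of WIN samples."""
    return [signal[i:i + WIN] for i in range(len(signal) - WIN + 1)]

def encode(E, x):
    """Encoder: compress a WIN-sample window into a CODE-value code."""
    return [sum(w * v for w, v in zip(row, x)) for row in E]

def decode(D, c):
    """Decoder: reconstruct the window from its code."""
    return [sum(w * v for w, v in zip(row, c)) for row in D]

def recon_error(E, D, x):
    """Squared reconstruction error; large when x does not fit the learned behaviour."""
    return sum((a - b) ** 2 for a, b in zip(decode(D, encode(E, x)), x))

def train(data, epochs=100, lr=0.01, seed=0):
    """Fit encoder E (CODE x WIN) and decoder D (WIN x CODE) by SGD on benign windows only."""
    rng = random.Random(seed)
    E = [[rng.uniform(-0.3, 0.3) for _ in range(WIN)] for _ in range(CODE)]
    D = [[rng.uniform(-0.3, 0.3) for _ in range(CODE)] for _ in range(WIN)]
    for _ in range(epochs):
        for x in data:
            c = encode(E, x)
            r = [a - b for a, b in zip(decode(D, c), x)]  # residual
            g = [sum(D[i][k] * r[i] for i in range(WIN)) for k in range(CODE)]  # D^T r
            for i in range(WIN):
                for k in range(CODE):
                    D[i][k] -= lr * 2 * r[i] * c[k]  # gradient step on the decoder
            for k in range(CODE):
                for j in range(WIN):
                    E[k][j] -= lr * 2 * g[k] * x[j]  # gradient step on the encoder
    return E, D

benign = windows(trace(0, 120, random.Random(7)))
E, D = train(benign)
# Assumed rule: flag anything reconstructed 3x worse than the worst benign training window.
THRESHOLD = 3 * max(recon_error(E, D, w) for w in benign)

def is_anomalous(window):
    return recon_error(E, D, window) > THRESHOLD
```

In the hybrid model named on this page, the fixed threshold would be replaced by an OCSVM fitted on the autoencoder's output for benign data.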
Literature Review (2/3)
How to exploit the SCADA network and differentiate anomalies from benign events
How to choose an anomaly detection approach that detects variants of new
attacks in less time
Problem Statement
Logs have been widely used in various maintenance tasks for different ICS
operations.
To pursue more intelligent solutions, many efforts have been devoted to
developing deep learning-based anomaly detectors.
However, we observe they are not fully deployed in industrial practice.