Implementation of Machine Learning Models to Classify Security Incidents in Industrial Systems

David Andres Caiza Chafla; William Manuel Montalvo Lopez

doi:10.1109/CHILECON60335.2023.10418653

Implementation of Machine Learning Models to Classify Security Incidents in Industrial Systems

David Andres Caiza Chafla, William Manuel Montalvo Lopez

Research Group in Electronics Control and Automation (GIECA)

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

This research is focused on classifying security data in industrial control systems (ICS) using machine learning models. Currently, ICS mainly focus on the technical and industrial operation of technological infrastructures, neglecting their security. This practice is dangerous as it affects various critical sectors of society. Due to the scarce information and difficult access to security incident data in industrial systems, this study employed web scraping to create a data set called 'SI ICS UPS 2023' with 2914 records of non-null security incidents in text format. For the labeling phase, regular expressions were applied to standardize the data set and propose two main classes of interest in this study. Data cleaning and processing stages were implemented, followed by the training of four machine learning models from scratch. The best-performing model in terms of the area under the curve (AUC) was the Random Forest with a score of 0.76 and an accuracy of 71.20%. These results demonstrate the efficiency of automating processes for the collection and classification of cyber incident data in industrial environments using techniques like web scraping and the utilization of machine learning models.

Original language	English
Title of host publication	ChileCon 2023 - 2023 IEEE CHILEAN Conference on Electrical, Electronics Engineering, Information and Communication Technologies
Publisher	Institute of Electrical and Electronics Engineers Inc.
ISBN (Electronic)	9798350369533
DOIs	https://doi.org/10.1109/CHILECON60335.2023.10418653
State	Published - 2023
Event	2023 IEEE CHILEAN Conference on Electrical, Electronics Engineering, Information and Communication Technologies, ChileCon 2023 - Hybrid, Valdivia, Chile Duration: 5 Dec 2023 → 7 Dec 2023

Publication series

Name	Proceedings - IEEE CHILEAN Conference on Electrical, Electronics Engineering, Information and Communication Technologies, ChileCon
ISSN (Print)	2832-1529
ISSN (Electronic)	2832-1537

Conference

Conference	2023 IEEE CHILEAN Conference on Electrical, Electronics Engineering, Information and Communication Technologies, ChileCon 2023
Country/Territory	Chile
City	Hybrid, Valdivia
Period	5/12/23 → 7/12/23

Bibliographical note

Publisher Copyright:
© 2023 IEEE.

Keywords

ICS
incidents
industrial systems
machine learning
security
web scraping

Access to Document

10.1109/CHILECON60335.2023.10418653

Cite this

Caiza Chafla, D. A., & Montalvo Lopez, W. M. (2023). Implementation of Machine Learning Models to Classify Security Incidents in Industrial Systems. In ChileCon 2023 - 2023 IEEE CHILEAN Conference on Electrical, Electronics Engineering, Information and Communication Technologies (Proceedings - IEEE CHILEAN Conference on Electrical, Electronics Engineering, Information and Communication Technologies, ChileCon). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/CHILECON60335.2023.10418653

Caiza Chafla, David Andres ; Montalvo Lopez, William Manuel. / Implementation of Machine Learning Models to Classify Security Incidents in Industrial Systems. ChileCon 2023 - 2023 IEEE CHILEAN Conference on Electrical, Electronics Engineering, Information and Communication Technologies. Institute of Electrical and Electronics Engineers Inc., 2023. (Proceedings - IEEE CHILEAN Conference on Electrical, Electronics Engineering, Information and Communication Technologies, ChileCon).

@inproceedings{df6d76335fb346f5abbadbd550bbadd9,

title = "Implementation of Machine Learning Models to Classify Security Incidents in Industrial Systems",

abstract = "This research is focused on classifying security data in industrial control systems (ICS) using machine learning models. Currently, ICS mainly focus on the technical and industrial operation of technological infrastructures, neglecting their security. This practice is dangerous as it affects various critical sectors of society. Due to the scarce information and difficult access to security incident data in industrial systems, this study employed web scraping to create a data set called 'SI ICS UPS 2023' with 2914 records of non-null security incidents in text format. For the labeling phase, regular expressions were applied to standardize the data set and propose two main classes of interest in this study. Data cleaning and processing stages were implemented, followed by the training of four machine learning models from scratch. The best-performing model in terms of the area under the curve (AUC) was the Random Forest with a score of 0.76 and an accuracy of 71.20%. These results demonstrate the efficiency of automating processes for the collection and classification of cyber incident data in industrial environments using techniques like web scraping and the utilization of machine learning models.",

keywords = "ICS, incidents, industrial systems, machine learning, security, web scraping",

author = "{Caiza Chafla}, {David Andres} and {Montalvo Lopez}, {William Manuel}",

note = "Publisher Copyright: {\textcopyright} 2023 IEEE.; 2023 IEEE CHILEAN Conference on Electrical, Electronics Engineering, Information and Communication Technologies, ChileCon 2023 ; Conference date: 05-12-2023 Through 07-12-2023",

year = "2023",

doi = "10.1109/CHILECON60335.2023.10418653",

language = "English",

series = "Proceedings - IEEE CHILEAN Conference on Electrical, Electronics Engineering, Information and Communication Technologies, ChileCon",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

booktitle = "ChileCon 2023 - 2023 IEEE CHILEAN Conference on Electrical, Electronics Engineering, Information and Communication Technologies",

address = "United States",

}

Caiza Chafla, DA & Montalvo Lopez, WM 2023, Implementation of Machine Learning Models to Classify Security Incidents in Industrial Systems. in ChileCon 2023 - 2023 IEEE CHILEAN Conference on Electrical, Electronics Engineering, Information and Communication Technologies. Proceedings - IEEE CHILEAN Conference on Electrical, Electronics Engineering, Information and Communication Technologies, ChileCon, Institute of Electrical and Electronics Engineers Inc., 2023 IEEE CHILEAN Conference on Electrical, Electronics Engineering, Information and Communication Technologies, ChileCon 2023, Hybrid, Valdivia, Chile, 5/12/23. https://doi.org/10.1109/CHILECON60335.2023.10418653

Implementation of Machine Learning Models to Classify Security Incidents in Industrial Systems. / Caiza Chafla, David Andres; Montalvo Lopez, William Manuel.
ChileCon 2023 - 2023 IEEE CHILEAN Conference on Electrical, Electronics Engineering, Information and Communication Technologies. Institute of Electrical and Electronics Engineers Inc., 2023. (Proceedings - IEEE CHILEAN Conference on Electrical, Electronics Engineering, Information and Communication Technologies, ChileCon).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Implementation of Machine Learning Models to Classify Security Incidents in Industrial Systems

AU - Caiza Chafla, David Andres

AU - Montalvo Lopez, William Manuel

PY - 2023

Y1 - 2023

N2 - This research is focused on classifying security data in industrial control systems (ICS) using machine learning models. Currently, ICS mainly focus on the technical and industrial operation of technological infrastructures, neglecting their security. This practice is dangerous as it affects various critical sectors of society. Due to the scarce information and difficult access to security incident data in industrial systems, this study employed web scraping to create a data set called 'SI ICS UPS 2023' with 2914 records of non-null security incidents in text format. For the labeling phase, regular expressions were applied to standardize the data set and propose two main classes of interest in this study. Data cleaning and processing stages were implemented, followed by the training of four machine learning models from scratch. The best-performing model in terms of the area under the curve (AUC) was the Random Forest with a score of 0.76 and an accuracy of 71.20%. These results demonstrate the efficiency of automating processes for the collection and classification of cyber incident data in industrial environments using techniques like web scraping and the utilization of machine learning models.

AB - This research is focused on classifying security data in industrial control systems (ICS) using machine learning models. Currently, ICS mainly focus on the technical and industrial operation of technological infrastructures, neglecting their security. This practice is dangerous as it affects various critical sectors of society. Due to the scarce information and difficult access to security incident data in industrial systems, this study employed web scraping to create a data set called 'SI ICS UPS 2023' with 2914 records of non-null security incidents in text format. For the labeling phase, regular expressions were applied to standardize the data set and propose two main classes of interest in this study. Data cleaning and processing stages were implemented, followed by the training of four machine learning models from scratch. The best-performing model in terms of the area under the curve (AUC) was the Random Forest with a score of 0.76 and an accuracy of 71.20%. These results demonstrate the efficiency of automating processes for the collection and classification of cyber incident data in industrial environments using techniques like web scraping and the utilization of machine learning models.

KW - ICS

KW - incidents

KW - industrial systems

KW - machine learning

KW - security

KW - web scraping

UR - http://www.scopus.com/inward/record.url?scp=85189495262&partnerID=8YFLogxK

U2 - 10.1109/CHILECON60335.2023.10418653

DO - 10.1109/CHILECON60335.2023.10418653

M3 - Conference contribution

AN - SCOPUS:85189495262

T3 - Proceedings - IEEE CHILEAN Conference on Electrical, Electronics Engineering, Information and Communication Technologies, ChileCon

BT - ChileCon 2023 - 2023 IEEE CHILEAN Conference on Electrical, Electronics Engineering, Information and Communication Technologies

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 2023 IEEE CHILEAN Conference on Electrical, Electronics Engineering, Information and Communication Technologies, ChileCon 2023

Y2 - 5 December 2023 through 7 December 2023

ER -

Caiza Chafla DA, Montalvo Lopez WM. Implementation of Machine Learning Models to Classify Security Incidents in Industrial Systems. In ChileCon 2023 - 2023 IEEE CHILEAN Conference on Electrical, Electronics Engineering, Information and Communication Technologies. Institute of Electrical and Electronics Engineers Inc. 2023. (Proceedings - IEEE CHILEAN Conference on Electrical, Electronics Engineering, Information and Communication Technologies, ChileCon). doi: 10.1109/CHILECON60335.2023.10418653

Implementation of Machine Learning Models to Classify Security Incidents in Industrial Systems

Abstract

Publication series

Conference

Bibliographical note

Keywords

Access to Document

Other files and links

Fingerprint

Cite this