Implementation of Machine Learning Models to Classify Security Incidents in Industrial Systems

David Andres Caiza Chafla; William Manuel Montalvo Lopez

doi:10.1109/CHILECON60335.2023.10418653

Implementation of Machine Learning Models to Classify Security Incidents in Industrial Systems

David Andres Caiza Chafla, William Manuel Montalvo Lopez

Grupo de Investigación en Electrónica Control y Automatización (GIECA)

Producción científica: Capítulo del libro/informe/acta de congreso › Contribución de conferencia › revisión exhaustiva

Resumen

This research is focused on classifying security data in industrial control systems (ICS) using machine learning models. Currently, ICS mainly focus on the technical and industrial operation of technological infrastructures, neglecting their security. This practice is dangerous as it affects various critical sectors of society. Due to the scarce information and difficult access to security incident data in industrial systems, this study employed web scraping to create a data set called 'SI ICS UPS 2023' with 2914 records of non-null security incidents in text format. For the labeling phase, regular expressions were applied to standardize the data set and propose two main classes of interest in this study. Data cleaning and processing stages were implemented, followed by the training of four machine learning models from scratch. The best-performing model in terms of the area under the curve (AUC) was the Random Forest with a score of 0.76 and an accuracy of 71.20%. These results demonstrate the efficiency of automating processes for the collection and classification of cyber incident data in industrial environments using techniques like web scraping and the utilization of machine learning models.

Idioma original	Inglés
Título de la publicación alojada	ChileCon 2023 - 2023 IEEE CHILEAN Conference on Electrical, Electronics Engineering, Information and Communication Technologies
Editorial	Institute of Electrical and Electronics Engineers Inc.
ISBN (versión digital)	9798350369533
DOI	https://doi.org/10.1109/CHILECON60335.2023.10418653
Estado	Publicada - 2023
Evento	2023 IEEE CHILEAN Conference on Electrical, Electronics Engineering, Information and Communication Technologies, ChileCon 2023 - Hybrid, Valdivia, Chile Duración: 5 dic. 2023 → 7 dic. 2023

Serie de la publicación

Nombre	Proceedings - IEEE CHILEAN Conference on Electrical, Electronics Engineering, Information and Communication Technologies, ChileCon
ISSN (versión impresa)	2832-1529
ISSN (versión digital)	2832-1537

Conferencia

Conferencia	2023 IEEE CHILEAN Conference on Electrical, Electronics Engineering, Information and Communication Technologies, ChileCon 2023
País/Territorio	Chile
Ciudad	Hybrid, Valdivia
Período	5/12/23 → 7/12/23

Nota bibliográfica

Publisher Copyright:
© 2023 IEEE.

Acceder al documento

10.1109/CHILECON60335.2023.10418653

Otros archivos y enlaces

Enlace a la publicación en Scopus

Citar esto

Caiza Chafla, D. A., & Montalvo Lopez, W. M. (2023). Implementation of Machine Learning Models to Classify Security Incidents in Industrial Systems. En ChileCon 2023 - 2023 IEEE CHILEAN Conference on Electrical, Electronics Engineering, Information and Communication Technologies (Proceedings - IEEE CHILEAN Conference on Electrical, Electronics Engineering, Information and Communication Technologies, ChileCon). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/CHILECON60335.2023.10418653

Caiza Chafla, David Andres ; Montalvo Lopez, William Manuel. / Implementation of Machine Learning Models to Classify Security Incidents in Industrial Systems. ChileCon 2023 - 2023 IEEE CHILEAN Conference on Electrical, Electronics Engineering, Information and Communication Technologies. Institute of Electrical and Electronics Engineers Inc., 2023. (Proceedings - IEEE CHILEAN Conference on Electrical, Electronics Engineering, Information and Communication Technologies, ChileCon).

@inproceedings{df6d76335fb346f5abbadbd550bbadd9,

title = "Implementation of Machine Learning Models to Classify Security Incidents in Industrial Systems",

abstract = "This research is focused on classifying security data in industrial control systems (ICS) using machine learning models. Currently, ICS mainly focus on the technical and industrial operation of technological infrastructures, neglecting their security. This practice is dangerous as it affects various critical sectors of society. Due to the scarce information and difficult access to security incident data in industrial systems, this study employed web scraping to create a data set called 'SI ICS UPS 2023' with 2914 records of non-null security incidents in text format. For the labeling phase, regular expressions were applied to standardize the data set and propose two main classes of interest in this study. Data cleaning and processing stages were implemented, followed by the training of four machine learning models from scratch. The best-performing model in terms of the area under the curve (AUC) was the Random Forest with a score of 0.76 and an accuracy of 71.20%. These results demonstrate the efficiency of automating processes for the collection and classification of cyber incident data in industrial environments using techniques like web scraping and the utilization of machine learning models.",

keywords = "ICS, incidents, industrial systems, machine learning, security, web scraping",

author = "{Caiza Chafla}, {David Andres} and {Montalvo Lopez}, {William Manuel}",

note = "Publisher Copyright: {\textcopyright} 2023 IEEE.; 2023 IEEE CHILEAN Conference on Electrical, Electronics Engineering, Information and Communication Technologies, ChileCon 2023 ; Conference date: 05-12-2023 Through 07-12-2023",

year = "2023",

doi = "10.1109/CHILECON60335.2023.10418653",

language = "English",

series = "Proceedings - IEEE CHILEAN Conference on Electrical, Electronics Engineering, Information and Communication Technologies, ChileCon",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

booktitle = "ChileCon 2023 - 2023 IEEE CHILEAN Conference on Electrical, Electronics Engineering, Information and Communication Technologies",

address = "United States",

}

Caiza Chafla, DA & Montalvo Lopez, WM 2023, Implementation of Machine Learning Models to Classify Security Incidents in Industrial Systems. En ChileCon 2023 - 2023 IEEE CHILEAN Conference on Electrical, Electronics Engineering, Information and Communication Technologies. Proceedings - IEEE CHILEAN Conference on Electrical, Electronics Engineering, Information and Communication Technologies, ChileCon, Institute of Electrical and Electronics Engineers Inc., 2023 IEEE CHILEAN Conference on Electrical, Electronics Engineering, Information and Communication Technologies, ChileCon 2023, Hybrid, Valdivia, Chile, 5/12/23. https://doi.org/10.1109/CHILECON60335.2023.10418653

Implementation of Machine Learning Models to Classify Security Incidents in Industrial Systems. / Caiza Chafla, David Andres; Montalvo Lopez, William Manuel.
ChileCon 2023 - 2023 IEEE CHILEAN Conference on Electrical, Electronics Engineering, Information and Communication Technologies. Institute of Electrical and Electronics Engineers Inc., 2023. (Proceedings - IEEE CHILEAN Conference on Electrical, Electronics Engineering, Information and Communication Technologies, ChileCon).

Producción científica: Capítulo del libro/informe/acta de congreso › Contribución de conferencia › revisión exhaustiva

TY - GEN

T1 - Implementation of Machine Learning Models to Classify Security Incidents in Industrial Systems

AU - Caiza Chafla, David Andres

AU - Montalvo Lopez, William Manuel

PY - 2023

Y1 - 2023

N2 - This research is focused on classifying security data in industrial control systems (ICS) using machine learning models. Currently, ICS mainly focus on the technical and industrial operation of technological infrastructures, neglecting their security. This practice is dangerous as it affects various critical sectors of society. Due to the scarce information and difficult access to security incident data in industrial systems, this study employed web scraping to create a data set called 'SI ICS UPS 2023' with 2914 records of non-null security incidents in text format. For the labeling phase, regular expressions were applied to standardize the data set and propose two main classes of interest in this study. Data cleaning and processing stages were implemented, followed by the training of four machine learning models from scratch. The best-performing model in terms of the area under the curve (AUC) was the Random Forest with a score of 0.76 and an accuracy of 71.20%. These results demonstrate the efficiency of automating processes for the collection and classification of cyber incident data in industrial environments using techniques like web scraping and the utilization of machine learning models.

AB - This research is focused on classifying security data in industrial control systems (ICS) using machine learning models. Currently, ICS mainly focus on the technical and industrial operation of technological infrastructures, neglecting their security. This practice is dangerous as it affects various critical sectors of society. Due to the scarce information and difficult access to security incident data in industrial systems, this study employed web scraping to create a data set called 'SI ICS UPS 2023' with 2914 records of non-null security incidents in text format. For the labeling phase, regular expressions were applied to standardize the data set and propose two main classes of interest in this study. Data cleaning and processing stages were implemented, followed by the training of four machine learning models from scratch. The best-performing model in terms of the area under the curve (AUC) was the Random Forest with a score of 0.76 and an accuracy of 71.20%. These results demonstrate the efficiency of automating processes for the collection and classification of cyber incident data in industrial environments using techniques like web scraping and the utilization of machine learning models.

KW - ICS

KW - incidents

KW - industrial systems

KW - machine learning

KW - security

KW - web scraping

UR - http://www.scopus.com/inward/record.url?scp=85189495262&partnerID=8YFLogxK

U2 - 10.1109/CHILECON60335.2023.10418653

DO - 10.1109/CHILECON60335.2023.10418653

M3 - Conference contribution

AN - SCOPUS:85189495262

T3 - Proceedings - IEEE CHILEAN Conference on Electrical, Electronics Engineering, Information and Communication Technologies, ChileCon

BT - ChileCon 2023 - 2023 IEEE CHILEAN Conference on Electrical, Electronics Engineering, Information and Communication Technologies

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 2023 IEEE CHILEAN Conference on Electrical, Electronics Engineering, Information and Communication Technologies, ChileCon 2023

Y2 - 5 December 2023 through 7 December 2023

ER -

Caiza Chafla DA, Montalvo Lopez WM. Implementation of Machine Learning Models to Classify Security Incidents in Industrial Systems. En ChileCon 2023 - 2023 IEEE CHILEAN Conference on Electrical, Electronics Engineering, Information and Communication Technologies. Institute of Electrical and Electronics Engineers Inc. 2023. (Proceedings - IEEE CHILEAN Conference on Electrical, Electronics Engineering, Information and Communication Technologies, ChileCon). doi: 10.1109/CHILECON60335.2023.10418653

Implementation of Machine Learning Models to Classify Security Incidents in Industrial Systems

Resumen

Serie de la publicación

Conferencia

Nota bibliográfica

Acceder al documento

Otros archivos y enlaces

Huella

Citar esto