Cyber intrusion detection in operations of bulk handling ports

Kim Monks; Elena Sitnikova; Nour Moustafa

Cyber intrusion detection in operations of bulk handling ports

Kim Monks
, Elena Sitnikova
, Nour Moustafa

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

Bulk handling ports are integral to the well-being of resource-driven export economies. They rely on Industrial Control Systems (ICS) to coordinate the receiving, stockpiling, processing and loading of bulk carriers to sustain the 24/7 movement of millions of tons of material. Defense of an ICS against cyber-attack is essential to the resilient operation of these ports, and identification and remediation of intrusions are significant components of effective defense practice. This paper investigates the role of Machine Learning (ML) algorithms in designing an efficient Intrusion Detection System (IDS) that can recognise malicious activities that confront the ICS of a bulk handling port and includes an assessment of existing IDS-based ML methods. We also design a bulk port cyber simulation to evaluate some well-known ML techniques and their capability for establishing an effective bulk handling port ICS IDS. The empirical results reveal that the use of ML techniques can achieve high performance in terms of accuracy and false alarm rates in a simulated environment. However, a comparison of a simulated bulk handling port environment with a production environment led us to conclude that our simulation needs further analysis and modelling in order to be applied in real Bulk handling ports.

Original language	English
Title of host publication	Proceedings of the 17th European Conference on Cyber Warfare and Security, ECCWS 2018
Editors	Audun Josang
Place of Publication	Red Hook, NY
Publisher	Curran Associates Inc
Pages	307-316
Number of pages	10
ISBN (Electronic)	9781911218852, 9781510866041
Publication status	Published - Jun 2018
Externally published	Yes
Event	17th European Conference on Cyber Warfare and Security, ECCWS 2018 - Oslo, Norway Duration: 28 Jun 2018 → 29 Jun 2018

Publication series

Name	European Conference on Information Warfare and Security, ECCWS
Volume	2018-June
ISSN (Print)	2048-8602
ISSN (Electronic)	2048-8610

Conference

Conference	17th European Conference on Cyber Warfare and Security, ECCWS 2018
Country/Territory	Norway
City	Oslo
Period	28/06/18 → 29/06/18

UN SDGs

This output contributes to the following UN Sustainable Development Goals (SDGs)

SDG 9 Industry, Innovation, and Infrastructure

Keywords

Anomaly detection
Bulk handling port
Cyber attack
Industrial control system
Intrusion detection

Cite this

@inproceedings{e587c99baf3b495f9b3ce13844a4c912,

title = "Cyber intrusion detection in operations of bulk handling ports",

abstract = "Bulk handling ports are integral to the well-being of resource-driven export economies. They rely on Industrial Control Systems (ICS) to coordinate the receiving, stockpiling, processing and loading of bulk carriers to sustain the 24/7 movement of millions of tons of material. Defense of an ICS against cyber-attack is essential to the resilient operation of these ports, and identification and remediation of intrusions are significant components of effective defense practice. This paper investigates the role of Machine Learning (ML) algorithms in designing an efficient Intrusion Detection System (IDS) that can recognise malicious activities that confront the ICS of a bulk handling port and includes an assessment of existing IDS-based ML methods. We also design a bulk port cyber simulation to evaluate some well-known ML techniques and their capability for establishing an effective bulk handling port ICS IDS. The empirical results reveal that the use of ML techniques can achieve high performance in terms of accuracy and false alarm rates in a simulated environment. However, a comparison of a simulated bulk handling port environment with a production environment led us to conclude that our simulation needs further analysis and modelling in order to be applied in real Bulk handling ports.",

keywords = "Anomaly detection, Bulk handling port, Cyber attack, Industrial control system, Intrusion detection",

author = "Kim Monks and Elena Sitnikova and Nour Moustafa",

year = "2018",

month = jun,

language = "English",

series = "European Conference on Information Warfare and Security, ECCWS",

publisher = "Curran Associates Inc",

pages = "307--316",

editor = "Audun Josang",

booktitle = "Proceedings of the 17th European Conference on Cyber Warfare and Security, ECCWS 2018",

note = "17th European Conference on Cyber Warfare and Security, ECCWS 2018 ; Conference date: 28-06-2018 Through 29-06-2018",

}

Monks, K, Sitnikova, E & Moustafa, N 2018, Cyber intrusion detection in operations of bulk handling ports. in A Josang (ed.), Proceedings of the 17th European Conference on Cyber Warfare and Security, ECCWS 2018. European Conference on Information Warfare and Security, ECCWS, vol. 2018-June, Curran Associates Inc, Red Hook, NY, pp. 307-316, 17th European Conference on Cyber Warfare and Security, ECCWS 2018, Oslo, Norway, 28/06/18.

Cyber intrusion detection in operations of bulk handling ports. / Monks, Kim; Sitnikova, Elena; Moustafa, Nour.
Proceedings of the 17th European Conference on Cyber Warfare and Security, ECCWS 2018. ed. / Audun Josang. Red Hook, NY: Curran Associates Inc, 2018. p. 307-316 (European Conference on Information Warfare and Security, ECCWS; Vol. 2018-June).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Cyber intrusion detection in operations of bulk handling ports

AU - Monks, Kim

AU - Sitnikova, Elena

AU - Moustafa, Nour

PY - 2018/6

Y1 - 2018/6

N2 - Bulk handling ports are integral to the well-being of resource-driven export economies. They rely on Industrial Control Systems (ICS) to coordinate the receiving, stockpiling, processing and loading of bulk carriers to sustain the 24/7 movement of millions of tons of material. Defense of an ICS against cyber-attack is essential to the resilient operation of these ports, and identification and remediation of intrusions are significant components of effective defense practice. This paper investigates the role of Machine Learning (ML) algorithms in designing an efficient Intrusion Detection System (IDS) that can recognise malicious activities that confront the ICS of a bulk handling port and includes an assessment of existing IDS-based ML methods. We also design a bulk port cyber simulation to evaluate some well-known ML techniques and their capability for establishing an effective bulk handling port ICS IDS. The empirical results reveal that the use of ML techniques can achieve high performance in terms of accuracy and false alarm rates in a simulated environment. However, a comparison of a simulated bulk handling port environment with a production environment led us to conclude that our simulation needs further analysis and modelling in order to be applied in real Bulk handling ports.

AB - Bulk handling ports are integral to the well-being of resource-driven export economies. They rely on Industrial Control Systems (ICS) to coordinate the receiving, stockpiling, processing and loading of bulk carriers to sustain the 24/7 movement of millions of tons of material. Defense of an ICS against cyber-attack is essential to the resilient operation of these ports, and identification and remediation of intrusions are significant components of effective defense practice. This paper investigates the role of Machine Learning (ML) algorithms in designing an efficient Intrusion Detection System (IDS) that can recognise malicious activities that confront the ICS of a bulk handling port and includes an assessment of existing IDS-based ML methods. We also design a bulk port cyber simulation to evaluate some well-known ML techniques and their capability for establishing an effective bulk handling port ICS IDS. The empirical results reveal that the use of ML techniques can achieve high performance in terms of accuracy and false alarm rates in a simulated environment. However, a comparison of a simulated bulk handling port environment with a production environment led us to conclude that our simulation needs further analysis and modelling in order to be applied in real Bulk handling ports.

KW - Anomaly detection

KW - Bulk handling port

KW - Cyber attack

KW - Industrial control system

KW - Intrusion detection

UR - https://www.scopus.com/pages/publications/85050821550

M3 - Conference contribution

AN - SCOPUS:85050821550

T3 - European Conference on Information Warfare and Security, ECCWS

SP - 307

EP - 316

BT - Proceedings of the 17th European Conference on Cyber Warfare and Security, ECCWS 2018

A2 - Josang, Audun

PB - Curran Associates Inc

CY - Red Hook, NY

T2 - 17th European Conference on Cyber Warfare and Security, ECCWS 2018

Y2 - 28 June 2018 through 29 June 2018

ER -

Cyber intrusion detection in operations of bulk handling ports

Abstract

Publication series

Conference

UN SDGs

Keywords

Other files and links

Fingerprint

Cite this