Keywords: Machine learning, Security
Tampering with just one byte of a traffic payload in an industrial control system (ICS) can cause serious physical accidents. A cyber attack detection system targeting ICS therefore needs to analyze the payload. However, since various protocols are used in ICS, a high level of expertise is required to manually extract features from the payload. In this paper, we propose a method for automatic payload analysis using Bidirectional Encoder Representations from Transformers (BERT). By treating each byte as a word and using BERT, we can obtain one fixed-length feature vector from the payload. The vector contains information such as the position of each byte and its relation to nearby bytes. We experimentally show the effectiveness of the proposed method on several ICS datasets in the anomaly detection task.