This blog post is our recent work that explains the challenges we have faced in adopting Machine Learning Algorithms for intrusion detection in Industrial Control Systems (ICS). This study is insightful with a summary of several projects both using examples from design and data-centric techniques. Each study is concluding with a lesson learned and some recommendations are made for future research.

Why is it important?

We are witnessing a huge increase in the use of machine learning algorithms to solve problems in multiple domains. Cybersecurity is no exception, machine learning methods have been used from attacks to defense across the board. With the availability of data from ICS testbeds, machine learning is becoming ever more prevalent in critical systems research including but not limited to anomaly detection. Based on extensive research projects utilizing state of the art testbeds at Singapore University of Technology and Design, this article summarises first-hand challenges faced, lessons learned, and recommendations for future work.

Perspective

I am excited to work on this project with Gauthama and Prof. Aditya Mathur. What started as a brainstorming session over dinner turned out to be exciting work and winning us the best paper award as well. The exciting part is recommendations made for future research and we are onto it already, hope to share more interesting results soon.