Broadband Communications, Networks, and Systems. 9th International EAI Conference, Broadnets 2018, Faro, Portugal, September 19–20, 2018, Proceedings

Research Article

Machine Learning to Automate Network Segregation for Enhanced Security in Industry 4.0

Download
88 downloads
  • @INPROCEEDINGS{10.1007/978-3-030-05195-2_15,
        author={Firooz Saghezchi and Georgios Mantas and Jos\^{e} Ribeiro and Alireza Esfahani and Hassan Alizadeh and Joaquim Bastos and Jonathan Rodriguez},
        title={Machine Learning to Automate Network Segregation for Enhanced Security in Industry 4.0},
        proceedings={Broadband Communications, Networks, and Systems. 9th International EAI Conference, Broadnets 2018, Faro, Portugal, September 19--20, 2018, Proceedings},
        proceedings_a={BROADNETS},
        year={2019},
        month={1},
        keywords={Industry 4.0 Cyber-Physical Production Systems Security Machine learning Network segregation IIoT MTC Traffic classification},
        doi={10.1007/978-3-030-05195-2_15}
    }
    
  • Firooz Saghezchi
    Georgios Mantas
    José Ribeiro
    Alireza Esfahani
    Hassan Alizadeh
    Joaquim Bastos
    Jonathan Rodriguez
    Year: 2019
    Machine Learning to Automate Network Segregation for Enhanced Security in Industry 4.0
    BROADNETS
    Springer
    DOI: 10.1007/978-3-030-05195-2_15
Firooz Saghezchi1,*, Georgios Mantas2,*, José Ribeiro2,*, Alireza Esfahani2,*, Hassan Alizadeh1,*, Joaquim Bastos2,*, Jonathan Rodriguez1,*
  • 1: University of Aveiro
  • 2: Instituto de Telecomunicações
*Contact email: firooz@ua.pt, gimantas@av.it.pt, jcarlosvgr@av.it.pt, alireza@av.it.pt, hassan.alizadeh@ua.pt, jbastos@av.it.pt, jonathan@ua.pt

Abstract

The heavy reliance of Industry 4.0 on emerging communication technologies, notably Industrial Internet-of-Things (IIoT) and Machine-Type Communications (MTC), and the increasing exposure of these traditionally isolated infrastructures to the Internet, are tremendously increasing the attack surface. Network segregation is a viable solution to address this problem. It essentially splits the network into several logical groups (subnetworks) and enforces adequate security policy on each segment, e.g., restricting unnecessary intergroup communications or controlling the access. However, existing segregation techniques primarily depend on manual configurations, which renders them inefficient for cyber-physical production systems because they are highly complex and heterogeneous environments with massive number of communicating machines. In this paper, we incorporate machine learning to automate network segregation, by efficiently classifying network end-devices into several groups through examining the traffic patterns that they generate. For performance evaluation, we analysed the data collected from a large segment of Infineon’s network in the context of the EU funded ECSEL-JU project “SemI40”. In particular, we applied feature selection and trained several supervised learning algorithms. Test results, using 10-fold cross validation, revealed that the algorithms generalise very well and achieve an accuracy up to 99.4%.