Conférence : Communications avec actes dans un congrès international

Cyber-physical systems (CPS) have been used in many applications, especially in smart cities and industrial systems. As a result of the exponential development of CPSs connected components, cyber-attacks against CPSs have exploded. Moreover, new critical CPS have high-security constraints that must be detected and predicted at an early stage of the communication process. Thus, it has become harder to detect these attacks. Machine learning is one of the most effective techniques for identifying and detecting CPS vulnerabilities. As a result of the heterogeneity of traffic and attacks only one machine learning algorithm is unreliable. To provide a self-adaptive and scalable prediction/detection mechanism we propose a framework called AAPF-CPS, which combines several machine learning algorithms with statistical tests. With multiple classification algorithms, AAPF-CPS analyzes CPS network logs simultaneously and in real time. Friedman’s test is also used to rank each classifier for each context in AAPF-CPS. Experimental results showed that AAPF-CPS could adapt ML algorithms based on traffic, allowing it to predict and detect potential attacks more efficiently.