Generation of process time series on ICS to produce regular network data packets

Papers about topic 7: Generation of process time series on ICS to produce regular network data packets
Hongyu Yan
2026-01-29 00:48:42 +08:00
parent e94d4aa91f
commit d5c8ace183
21 changed files with 9107 additions and 0 deletions


@@ -0,0 +1,18 @@
@Article{s23031310,
AUTHOR = {Kim, Bedeuro and Alawami, Mohsen Ali and Kim, Eunsoo and Oh, Sanghak and Park, Jeongyong and Kim, Hyoungshick},
TITLE = {A Comparative Study of Time Series Anomaly Detection Models for Industrial Control Systems},
JOURNAL = {Sensors},
VOLUME = {23},
YEAR = {2023},
NUMBER = {3},
ARTICLE-NUMBER = {1310},
URL = {https://www.mdpi.com/1424-8220/23/3/1310},
PubMedID = {36772349},
ISSN = {1424-8220},
ABSTRACT = {Anomaly detection has been known as an effective technique to detect faults or cyber-attacks in industrial control systems (ICS). Therefore, many anomaly detection models have been proposed for ICS. However, most models have been implemented and evaluated under specific circumstances, which leads to confusion about choosing the best model in a real-world situation. In other words, there still needs to be a comprehensive comparison of state-of-the-art anomaly detection models with common experimental configurations. To address this problem, we conduct a comparative study of five representative time series anomaly detection models: InterFusion, RANSynCoder, GDN, LSTM-ED, and USAD. We specifically compare the performance analysis of the models in detection accuracy, training, and testing times with two publicly available datasets: SWaT and HAI. The experimental results show that the best model results are inconsistent with the datasets. For SWaT, InterFusion achieves the highest F1-score of 90.7% while RANSynCoder achieves the highest F1-score of 82.9% for HAI. We also investigate the effects of the training set size on the performance of anomaly detection models. We found that about 40% of the entire training set would be sufficient to build a model producing a similar performance compared to using the entire training set.},
DOI = {10.3390/s23031310}
}
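Review bot: The ABSTRACT value contains bare percent signs (`90.7%`, `82.9%`, `40%`), which BibTeX stores literally; if this file is ever processed with biblatex/Biber, the abstract is copied into the .bbl, where each `%` starts a TeX comment and can break the run. Escape them as `90.7\%` and so on, or drop the ABSTRACT field from the database. Separately, `ARTICLE-NUMBER` is not a field that standard styles read, so 1310 will not be printed; adding `PAGES = {1310},` keeps the locator. The same applies to the Electronics entry (`ARTICLE-NUMBER = {1920}`).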


@@ -0,0 +1,19 @@
TY - JOUR
AU - Landauer, Max
AU - Skopik, Florian
AU - Stojanović, Branka
AU - Flatscher, Andreas
AU - Ullrich, Torsten
PY - 2024
DA - 2024/10/30
TI - A review of time-series analysis for cyber security analytics: from intrusion detection to attack prediction
JO - International Journal of Information Security
SP - 3
VL - 24
IS - 1
AB - Understanding the current threat landscape as well as timely detection of imminent attacks are primary objectives of cyber security. Through time-series modeling of security data, such as event logs, alerts, or incidents, analysts take a step towards these goals. On the one hand, extrapolating time-series to predict future occurrences of attacks and vulnerabilities is able to support decision-making and preparation against threats. On the other hand, detection of model deviations as anomalies can point to suspicious outliers and thereby disclose cyber attacks. However, since the set of available techniques for time-series analysis is just as diverse as the research domains in the area of cyber security analytics, it can be difficult for analysts to understand which approaches fit the properties of security data at hand. This paper therefore conducts a broad literature review in research domains that leverage time-series analysis for cyber security analytics, with focus on available techniques, data sets, and challenges imposed by applications or feature properties. The results of our study indicate that relevant approaches range from detective systems ingesting short-term and low-level events to models that produce long-term forecasts of high-level attack cases.
SN - 1615-5270
UR - https://doi.org/10.1007/s10207-024-00921-0
DO - 10.1007/s10207-024-00921-0
ID - Landauer2024
ER -
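Review bot: This record is in RIS tagged format (`TY - JOUR` … `ER -`), not BibTeX, so BibTeX or Biber will not pick it up if it is loaded alongside the other entries in this commit. If the collection is meant to be one citable database, convert it to an `@article` entry keyed `Landauer2024` with `journal`, `volume = {24}`, `number = {1}` and the bare `doi = {10.1007/s10207-024-00921-0}`. `SP - 3` has no matching `EP`, so it looks like an article number rather than a start page; confirm this before mapping it to `pages`. After conversion, `Stojanović` needs either UTF-8-aware tooling or the escaped form `Stojanovi{\'c}`.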


@@ -0,0 +1,10 @@
@ARTICLE{9781420,
author={Naveed, Muhammad Haris and Hashmi, Umair Sajid and Tajved, Nayab and Sultan, Neha and Imran, Ali},
journal={IEEE Access},
title={Assessing Deep Generative Models on Time Series Network Data},
year={2022},
volume={10},
number={},
pages={64601-64617},
keywords={Data models;Generative adversarial networks;Telecommunications;Solid modeling;Training data;Time series analysis;Predictive models;Machine learning;GAN;TimeGAN;PAR;DoppleGANger;time series;forecast analysis},
doi={10.1109/ACCESS.2022.3177906}}
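Review bot: `number={}` is an empty field that carries no data, and `pages={64601-64617}` uses a single hyphen where the conventional range form is `--`; not every style converts it. Drop the `number` line and write `pages={64601--64617},`. The numeric key `9781420` looks like the exporter's document id; a descriptive key such as `naveed2022assessing` (constructed example) would be easier to cite and less likely to collide with another export.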


@@ -0,0 +1,13 @@
@article{GKOULIS2025101500,
title = {Creating interpretable synthetic time series for enhancing the design and implementation of Internet of Things (IoT) solutions},
journal = {Internet of Things},
volume = {30},
pages = {101500},
year = {2025},
issn = {2542-6605},
doi = {https://doi.org/10.1016/j.iot.2025.101500},
url = {https://www.sciencedirect.com/science/article/pii/S2542660525000137},
author = {Dimitris Gkoulis},
keywords = {Internet of Things (IoT), Synthetic data, Synthetic time series, IoT simulation},
abstract = {This study establishes a foundation for addressing the challenge of developing Internet of Things (IoT) solutions in the absence of real-world data, a common obstacle in the early stages of IoT design, prototyping, and testing. Motivated by the need for reliable and interpretable synthetic data, this work introduces a structured approach and a dedicated library for creating realistic time series data. The methodology emphasizes flexibility and modularity, allowing for the combination of distinct componentssuch as trends, seasonality, and noiseto create synthetic data that accurately reflects real-world phenomena while maintaining interpretability. The approachs utility is demonstrated by creating synthetic air temperature time series, which are rigorously compared against real-world datasets to assess their fidelity. The results validate the proposed methodologys and librarys effectiveness in producing data that closely mirrors real-world patterns, providing a robust tool for IoT development in data-constrained environments.}
}
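Review bot: The `doi` field holds a resolver URL (`https://doi.org/10.1016/j.iot.2025.101500`) rather than the bare identifier, so styles that build the link themselves will emit a doubled prefix; write `doi = {10.1016/j.iot.2025.101500},`. The abstract also appears to have lost its non-ASCII punctuation during export: `componentssuch`, `noiseto`, `approachs`, `methodologys` and `librarys` are missing dashes and apostrophes. Restore them from the publisher page or drop the field. `author = {Dimitris Gkoulis}` parses correctly, but `Gkoulis, Dimitris` would match the `Last, First` form used by most of the other entries.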


@@ -0,0 +1,17 @@
@Article{electronics13101920,
AUTHOR = {Kim, Minseo and Jeon, Seungho and Cho, Jake and Gong, Seonghyeon},
TITLE = {Data-Driven ICS Network Simulation for Synthetic Data Generation},
JOURNAL = {Electronics},
VOLUME = {13},
YEAR = {2024},
NUMBER = {10},
ARTICLE-NUMBER = {1920},
URL = {https://www.mdpi.com/2079-9292/13/10/1920},
ISSN = {2079-9292},
ABSTRACT = {Industrial control systems (ICSs) are integral to managing and optimizing processes in various industries, including manufacturing, power generation, and more. However, the scarcity of widely adopted ICS datasets hampers research efforts in areas like optimization and security. This scarcity arises due to the substantial cost and technical expertise required to create physical ICS environments. In response to these challenges, this paper presents a groundbreaking approach to generating synthetic ICS data through a data-driven ICS network simulation. We circumvent the need for expensive hardware by recreating the entire ICS environment in software. Moreover, rather than manually replicating the control logic of ICS components, we leverage existing data to autonomously generate control logic. The core of our method involves the stochastic setting of setpoints, which introduces randomness into the generated data. Setpoints serve as target values for controlling the operation of the ICS process. This approach enables us to augment existing ICS datasets and cater to the data requirements of machine learning-based ICS intrusion detection systems and other data-driven applications. Our simulated ICS environment employs virtualized containers to mimic the behavior of real-world PLCs and SCADA systems, while control logic is deduced from publicly available ICS datasets. Setpoints are generated probabilistically to ensure data diversity. Experimental results validate the fidelity of our synthetic data, emphasizing their ability to closely replicate temporal and statistical characteristics of real-world ICS networks. In conclusion, this innovative data-driven ICS network simulation offers a cost-effective and scalable solution for generating synthetic ICS data. It empowers researchers in the field of ICS optimization and security with diverse, realistic datasets, furthering advancements in this critical domain. 
Future work may involve refining the simulation model and exploring additional applications for synthetic ICS data.},
DOI = {10.3390/electronics13101920}
}
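Review bot: `ICS` in the TITLE is not brace-protected, so any style that sentence-cases titles will print it as `ics`; write `TITLE = {Data-Driven {ICS} Network Simulation for Synthetic Data Generation},`. The same protection is missing for `FlowTS` and `TSGM` in the two arXiv entries, and for the capital `I` in `I came, I saw, I hacked` in the ASIA CCS entry. The USENIX entry already does this correctly with `{SCADA}` and can serve as the model.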


@@ -0,0 +1,9 @@
@misc{hu2025flowtstimeseriesgeneration,
title={FlowTS: Time Series Generation via Rectified Flow},
author={Yang Hu and Xiao Wang and Zezhen Ding and Lirong Wu and Huatian Zhang and Stan Z. Li and Sheng Wang and Jiheng Zhang and Ziyun Li and Tianlong Chen},
year={2025},
eprint={2411.07506},
archivePrefix={arXiv},
primaryClass={cs.LG},
url={https://arxiv.org/abs/2411.07506},
}


@@ -0,0 +1,17 @@
@inproceedings{10.1145/3320269.3384730,
author = {Sarkar, Esha and Benkraouda, Hadjer and Maniatakos, Michail},
title = {I came, I saw, I hacked: Automated Generation of Process-independent Attacks for Industrial Control Systems},
year = {2020},
isbn = {9781450367509},
publisher = {Association for Computing Machinery},
address = {New York, NY, USA},
url = {https://doi.org/10.1145/3320269.3384730},
doi = {10.1145/3320269.3384730},
abstract = {Malicious manipulations on Industrial Control Systems (ICSs) endanger critical infrastructures, causing unprecedented losses. State-of-the-art research in the discovery and exploitation of vulnerability typically assumes full visibility and control of the industrial process, which in real-world scenarios is unrealistic. In this work, we investigate the possibility of an automated end-to-end attack for an unknown control process in the constrained scenario of infecting just one industrial computer. We create databases of human-machine interface images, and Programmable Logic Controller (PLC) binaries using publicly available resources to train machine-learning models for modular and granular fingerprinting of the ICS sectors and the processes, respectively. We then explore control-theoretic attacks on the process leveraging common/ubiquitous control algorithm modules like Proportional Integral Derivative blocks using a PLC binary reverse-engineering tool, causing stable or oscillatory deviations within the operational limits of the plant. We package the automated attack and evaluate it against a benchmark chemical process, demonstrating the feasibility of advanced attacks even in constrained scenarios.},
booktitle = {Proceedings of the 15th ACM Asia Conference on Computer and Communications Security},
pages = {744758},
numpages = {15},
keywords = {fingerprinting, industrial control systems security, machine learning, process-aware attacks},
location = {Taipei, Taiwan},
series = {ASIA CCS '20}
}
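Review bot: `pages = {744758}` has lost its range separator, so styles will print a single page number 744758. With `numpages = {15}` the intended value is almost certainly `pages = {744--758},`. The `url` field only repeats the DOI resolver link and can be dropped now that `doi` is present.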


@@ -0,0 +1,10 @@
@inproceedings {198143,
author = {Antoine Lemay and Jose M. Fernandez},
title = {Providing {SCADA} Network Data Sets for Intrusion Detection Research},
booktitle = {9th Workshop on Cyber Security Experimentation and Test (CSET 16)},
year = {2016},
address = {Austin, TX},
url = {https://www.usenix.org/conference/cset16/workshop-program/presentation/lemay},
publisher = {USENIX Association},
month = aug
}
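Review bot: `address = {Austin, TX}` appears to be the workshop venue, but BibTeX styles print `address` as the publisher's city, so the reference will read as if USENIX Association were located in Austin. Move the venue into `booktitle` (or biblatex `venue`) and drop or correct `address`. The key `198143` is an opaque site id; a descriptive key such as `lemay2016scada` (constructed example) would be easier to cite.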


@@ -0,0 +1,9 @@
@misc{nikitin2024tsgmflexibleframeworkgenerative,
title={TSGM: A Flexible Framework for Generative Modeling of Synthetic Time Series},
author={Alexander Nikitin and Letizia Iannucci and Samuel Kaski},
year={2024},
eprint={2305.11567},
archivePrefix={arXiv},
primaryClass={cs.LG},
url={https://arxiv.org/abs/2305.11567},
}