Robin Duraz

Directeur(s): Sandrine Vaton
Encadrant(s): David Espès & Julien Francq

SUJET DE THÈSE

Machine Learning Analysis for Cyber Attack Detection and Classification on Board Ships

Work Summary

The digitization of onboard environments is becoming increasingly prevalent in the maritime sector, leading to the convergence of Information Technology (IT) and Operational Technology (OT) within naval vessels. This evolution mirrors the architecture of the IT/OT integration seen in modern industrial systems. To ensure the security of naval vessels, it is crucial to detect cyber-attacks that could compromise their proper functioning. Various types of attacks need to be considered, including vertical attacks originating from higher system levels and attacks targeting the availability of operational systems, which could be particularly critical during a mission.

Traditionally, onboard security components (e.g., intrusion detection probes) have relied on static security rules. This approach presents several limitations, such as the need for frequent rule updates and an inability to detect novel attacks (zero-day attacks).

This thesis aims to enhance the security of naval vessels by leveraging machine learning techniques to analyze metrics collected at various levels within the IT/OT system. The objective is to automate the detection and classification of cyber-attacks or other system malfunctions. A particular focus will be placed on semi-supervised learning methods, where only partial labels are available for associating diagnostics with observations.

Publications

Duraz R, Espes D, Francq J, Vaton S (2024) Using CVSS scores can make more informed and more adapted Intrusion Detection Systems. JUCS - Journal of Universal Computer Science 30(9): 1244-1264. https://doi.org/10.3897/jucs.131659

Robin Duraz, David Espes, Julien Francq, and Sandrine Vaton. 2024. SECL: A Zero-Day Attack Detector and Classifier based on Contrastive Learning and Strong Regularization. In Proceedings of the 19th International Conference on Availability, Reliability and Security (ARES '24). Association for Computing Machinery, New York, NY, USA, Article 22, 1–12. https://doi.org/10.1145/3664476.3664505

Robin Duraz, David Espes, Julien Francq, and Sandrine Vaton. 2023. Explainability-based Metrics to Help Cyber Operators Find and Correct Misclassified Cyberattacks. In Proceedings of the 2023 on Explainable and Safety Bounded, Fidelitous, Machine Learning for Networking (SAFE '23). Association for Computing Machinery, New York, NY, USA, 9–15. https://doi.org/10.1145/3630050.3630177

Robin Duraz, David Espes, Julien Francq, and Sandrine Vaton. 2023. Cyber Informedness: A New Metric using CVSS to Increase Trust in Intrusion Detection Systems. In Proceedings of the 2023 European Interdisciplinary Cybersecurity Conference (EICC '23). Association for Computing Machinery, New York, NY, USA, 53–58. https://doi.org/10.1145/3590777.3590786

Robin Duraz, David Espes, Julien Francq, Sandrine Vaton. Machine Learning and Visualization tools for Cyberattack Detection. RESSI 2022 : Rendez-vous de la Recherche et de l'Enseignement de la Sécurité des Systèmes d'Information, May 2022, Chambon-sur-Lac, France. ⟨hal-03647627⟩

Retour