OT Endpoint Detection and Monitoring system
Designed and implemented an OT-focused endpoint detection and monitoring system using Machine Learning to detect and classify malicious activity targeting ICS/SCADA networks.
Steps
Step 1: Used endpoint datasets from different sources (IoT Sentinel dataset, TON_IoT dataset, UNSW_NB15 dataset) and performed preprocessing and feature engineering to prepare them for machine learning model training.
Step 2: Developed and trained Random Forest, SVM, LSTM, and CNN models in Google Colab to detect and classify malicious activity.
Step 3: Compared model performance based on precision and recall to determine the most effective detection algorithm.
Step 4: Suggested Random Forest, the best-performing model, for deployment in the OT monitoring system to enhance ICS/SCADA network visibility. Also suggested cloud or hybrid deployment platforms over on-site deployment.
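As an added illustration of Steps 1 and 3 (example code written for this page, not the project's own Colab notebooks): UNSW_NB15-style flow records are one-hot encoded and min-max scaled, and several models' predictions are ranked by recall and then precision. The column names follow UNSW_NB15; the records, predictions and the ranking criterion are constructed assumptions.

```python
# Added example, not the original project's code. Column names mirror
# UNSW_NB15 (proto/service/dur/sbytes/dbytes/label); the rows below are
# constructed sample flows, not real dataset entries. label 1 = attack.
RECORDS = [
    {"proto": "tcp", "service": "-",    "dur": 0.12, "sbytes": 520,   "dbytes": 1240, "label": 0},
    {"proto": "tcp", "service": "http", "dur": 1.40, "sbytes": 9800,  "dbytes": 420,  "label": 1},
    {"proto": "udp", "service": "dns",  "dur": 0.01, "sbytes": 70,    "dbytes": 150,  "label": 0},
    {"proto": "tcp", "service": "ftp",  "dur": 3.20, "sbytes": 30000, "dbytes": 300,  "label": 1},
    {"proto": "tcp", "service": "http", "dur": 2.50, "sbytes": 15000, "dbytes": 380,  "label": 1},
    {"proto": "udp", "service": "dns",  "dur": 0.02, "sbytes": 80,    "dbytes": 160,  "label": 0},
]
CATEGORICAL = ("proto", "service")
NUMERIC = ("dur", "sbytes", "dbytes")


def preprocess(records):
    """Step 1: one-hot encode categorical columns, min-max scale numeric ones.
    Returns (feature_names, rows, labels) with rows as plain float lists."""
    cats = {c: sorted({r[c] for r in records}) for c in CATEGORICAL}
    lo = {n: min(r[n] for r in records) for n in NUMERIC}
    hi = {n: max(r[n] for r in records) for n in NUMERIC}
    names = [f"{c}={v}" for c in CATEGORICAL for v in cats[c]] + list(NUMERIC)
    rows, labels = [], []
    for r in records:
        row = [1.0 if r[c] == v else 0.0 for c in CATEGORICAL for v in cats[c]]
        # Constant columns (hi == lo) would divide by zero; map them to 0.0.
        row += [(r[n] - lo[n]) / (hi[n] - lo[n]) if hi[n] > lo[n] else 0.0
                for n in NUMERIC]
        rows.append(row)
        labels.append(r["label"])
    return names, rows, labels


def precision_recall(y_true, y_pred):
    """Step 3 metrics for the attack class; empty denominators score 0.0."""
    tp = sum(1 for t, p in zip(y_true, y_pred) if t == 1 and p == 1)
    fp = sum(1 for t, p in zip(y_true, y_pred) if t == 0 and p == 1)
    fn = sum(1 for t, p in zip(y_true, y_pred) if t == 1 and p == 0)
    precision = tp / (tp + fp) if tp + fp else 0.0
    recall = tp / (tp + fn) if tp + fn else 0.0
    return precision, recall


def rank_models(y_true, predictions):
    """Rank {model_name: predicted_labels} by recall, then precision. This
    ordering is an assumption for the example: a missed attack on an OT
    network is treated as costlier than a false alarm."""
    scored = {m: precision_recall(y_true, p) for m, p in predictions.items()}
    return sorted(scored.items(), key=lambda kv: (kv[1][1], kv[1][0]), reverse=True)
```

Replacing the constructed prediction lists with the output of the trained models gives the same comparison table used in Step 3.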
Tools
Google Colab, Python, Scikit-learn, TensorFlow, NumPy
Frameworks
OT/ICS Security Framework, Machine Learning-based Threat Detection
Standards
NIST CSF (DE.CM – Continuous Monitoring, PR.IP – Information Protection Processes), MITRE ATT&CK for ICS, Best Practices for OT Cybersecurity Monitoring