CIFRE – Cybersecurity with Machine Learning for industrial networks

When:
30/11/2023 – 01/12/2023 all-day
2023-11-30T01:00:00+01:00
2023-12-01T01:00:00+01:00

Offre en lien avec l’Action/le Réseau : – — –/– — –

Laboratoire/Entreprise : ICube laboratory – Technology & Strategy
Durée : 3 ans
Contact : Lafabregue@unistra.fr
Date limite de publication : 2023-11-30

Contexte :
Industry 4.0 is the novel industrial revolution, where objects are connected to a global network infrastructure. Fieldbus (e.g., CAN, modbus, TSN) interconnect the different devices to controllers. These objects are constrained in memory and computational capacity and may endanger the network infrastructure if they are corrupted. They may even jeopardize the safety of industrial applications.
Thus, cybersecurity for the Industrial Internet of Things is a major concern, while most of the technologies in this area have not been designed with this problem in mind. For instance, CAN communications are neither ciphered, nor authenticated.
We need to deploy Intrusion Detection Systems able to detect anomalies, i.e., when the infrastructure doesn’t behave as expected. It may come from e.g., a human misconfiguration, an attack.

Sujet :
Penetration testing already exploits Machine Learning techniques to detect and identify attacks. Indeed, signature-based solutions are not sufficient since they may disguise themselves into a legal traffic flow but inserting noise.
We want to go there further, to identify anomalies that may be e.g., attacks, misconfigurations, faults. Industrial networks are known to be predictable and we must identify outliers. Some work exists that consider the spatial and temporal correlations but they are application specific, i.e., they need to manipulate directly data chunks. Approaches exist that exploit a RNN to identify anomalies but we are convinced that industrial networks are predictable, and techniques that exploit this predictability should be more accurate. The network controller that has a complete knowledge of the network topology may efficiently detect intrusions.
The objective of this PhD thesis is to first propose techniques to identify automatically patterns when exploiting the list of packets transmitted in the network infrastructure. Indeed, a networked control application relies on a control loop (sensor to controller to actuator) to control the Cyber Physical System (CPS). It is important to characterize each of these control loops (period, source / destination, correlations, etc.). The PhD student will both exploit existing datasets as well as the networked control system testbed deployed at Technology & Strategy.
Then, we will derive Network Intrusion Detection Systems (IDS) to identify anomalies for each of these control loops, extending what has been done for home networks, or generic IP networks. We need to propose techniques to define what corresponds to a normal state, and what corresponds to an outlier / anomaly. The proposition must be sufficiently robust to detect sophisticated attacks such as the Schedule-Based Attacks.

Profil du candidat :
Master in computer science or similar fields, with an affinity for Machine Learning.

Formation et compétences requises :
Applicants should have solid skills in:
• Excellent knowledge of Machine Learning techniques (not only as a user);
• Excellent data science language skills (R, or Python);
• Background knowledge to implement measurements in a real production line;
• Excellent communication and writing skills. Note that knowledge of French is not required for this position.
Knowledge of the following technologies is not mandatory but will be considered as a plus:
• Knowledges in industrial networking protocols and stacks;
• Knowledges of embedded software

Adresse d’emploi :
The PhD student will be co-hosted by Technology & Strategy and the University of Strasbourg, both located in Strasbourg, France.
Technology & Strategy was created in 2008 in Strasbourg. Specialized in Engineering, IT, Digital and Project Management, Technology & Strategy is a reference partner for its customers in the development of innovative projects. Technology & Strategy also has an integrated engineering service to meet the requirements of its customers who are primarily R&D departments of industrial companies.
With a strong international focus and a Franco-German DNA, Technology & Strategy is proud of its 1,800 employees and is present with more than 40 nationalities in 16 offices in 6 countries (France, Germany, Switzerland, Belgium, UK, South East Asia). Technology & Strategy is proud to keep its headquarters in the East of France, near Strasbourg.

Founded in the 16th century, the University of Strasbourg has a long history of excellence in higher education, rooted in Renaissance humanism. The University of Strasbourg is a public research university located in Strasbourg, with over 52,000 students. You will integrate the ICube laboratory attached to the University.

Applications should be submitted by email to tands-cifre@icube.unistra.fr.
They must include:
• A Curriculum Vitae;
• List of 2 or 3 references to contact (position, email address);
• Transcripts of undergraduate and graduate studies;
• Link to MSc thesis, and publications if applicable;
• Link to personal software repositories (e.g. GitHub)
Please prefix the filenames of your application with your lastname.

Document attaché : 202303061259_202207070957_Fichier_TS-cybersec-iiot.pdf