EPASAD: ellipsoid decision boundary based Process-Aware Stealthy Attack Detector  Cited by: 1


Authors: Vikas Maurya, Rachit Agarwal, Saurabh Kumar, Sandeep Shukla

Affiliations: [1] Department of Computer Science and Engineering, Indian Institute of Technology Kanpur, Kanpur, India [2] Merkle Science, Bangalore, India

Source: Cybersecurity (网络空间安全科学与技术, English edition), 2024, Issue 3, pp. 32-48, 17 pages in total

Abstract: Due to the importance of Critical Infrastructure (CI) in a nation's economy, they have been lucrative targets for cyber attackers. These critical infrastructures are usually Cyber-Physical Systems such as power grids, water and sewage treatment facilities, oil and gas pipelines, etc. In recent times, these systems have suffered from cyber attacks numerous times. Researchers have been developing cyber security solutions for CIs to avoid lasting damages. According to standard frameworks, cyber security based on identification, protection, detection, response, and recovery is at the core of this research. Detection of an ongoing attack that escapes standard protection such as firewall, anti-virus, and host/network intrusion detection has gained importance, as such attacks eventually affect the physical dynamics of the system. Therefore, anomaly detection in physical dynamics proves an effective means to implement defense-in-depth. PASAD is one example of anomaly detection in the sensor/actuator data, representing such systems' physical dynamics. We present EPASAD, which improves the detection technique used in PASAD to detect these micro-stealthy attacks, as our experiments show that PASAD's spherical boundary-based detection fails to detect. Our method EPASAD overcomes this by using ellipsoid boundaries, thereby tightening the boundaries in various dimensions, whereas a spherical boundary treats all dimensions equally. We validate EPASAD using the dataset produced by the TE-process simulator and the C-town datasets. The results show that EPASAD improves PASAD's average recall by 5.8% and 9.5% for the two datasets, respectively.

Keywords: Intrusion detection system; Critical infrastructure security; Industrial control system; Machine learning

Classification number: TP393.08 [Automation and Computer Technology - Computer Application Technology]

 
