A Novel Intrusion Detection Model Using a Fusion of Network and Device States for Communication-Based Train Control Systems

Song, Yajie; Bu, Bing; Zhu, Li

doi:10.3390/electronics9010181

Cited by 15 publications

(3 citation statements)

References 48 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Machine learning methods for intrusion detection no longer rely on rule matching but instead build classification models to distinguish between normal and malicious traffic [9]. Support vector machines (SVMs) have been widely used for intrusion detection, and by combining SVM with feature selection techniques, the feasibility and effectiveness of intrusion detection can be enhanced [10].…”

Section: Background 21 Intrusion Detectionmentioning

confidence: 99%

Open DGML: Intrusion Detection Based on Open-Domain Generation Meta-Learning

Jiang,

Zou,

Huang

et al. 2024

Applied Sciences

View full text Add to dashboard Cite

Network security is crucial for national infrastructure, but the increasing number of network intrusions poses significant challenges. To address this issue, we propose Open DGML, a framework based on open-domain generalization meta-learning for intrusion detection. Our approach incorporates flow imaging, data augmentation, and open-domain generalization meta-learning algorithms. Experimental results on the ISCX2012, NDSec-1, CICIDS2017, and CICIDS2018 datasets demonstrate the effectiveness of Open DGML. Compared to state-of-the-art models (HAST-IDS, CLAIRE, FC-Net), Open DGML achieves higher accuracy and detection rates. In closed-domain settings, it achieves an average accuracy of 96.52% and a detection rate of 97.04%. In open-domain settings, it achieves an average accuracy of 68.73% and a detection rate of 61.49%. These results highlight the superior performance of Open DGML, particularly in open-domain scenarios, for effective identification of various network attacks.

show abstract

Section: Background 21 Intrusion Detectionmentioning

confidence: 99%

Open DGML: Intrusion Detection Based on Open-Domain Generation Meta-Learning

Jiang,

Zou,

Huang

et al. 2024

Applied Sciences

View full text Add to dashboard Cite

show abstract

“…However, implementing a traditional anomaly-based intrusion detection system (IDS) is not enough, because the traditional IDS may produce a false positive alarm caused by a system fault. A further study was reported in [ 17 ], which proposed an intrusion detection model using a fusion of network and device states. The proposed method can identify the difference between the abnormality among anomalies caused by cyber-attacks and by system faults.…”

Section: Related Workmentioning

confidence: 99%

Security Architecture for Secure Train Control and Monitoring System

Purwanto

Ruriawan

Alamsyah

et al. 2023

Sensors

View full text Add to dashboard Cite

A Train Control and Monitoring System (TCMS) is a vital part of monitoring sensors in a train. The data output of sensors is sent wirelessly to the data server for monitoring. However, as the wireless channel used to send the data is a shared public network, the transmitted data are prone to hackers and attacks. This paper proposes the Securebox architecture to manage secure data transfer from the onboard Vehicle Control Unit (VCU) to the data server in TCMS. The architecture is comprised of four main functions: network management, buffer management, data management, and security management. The architecture has been successfully developed in an HSM (Hardware Security Modul) and verified using alpha and beta software testing to form a secure TCMS. From the real-time testing phase in an electric-diesel train, the average performance of the AES-based HSM showed 55% faster time processing with unnoticed 0.1% added memory usage compared to the 3DES. The secure TCMS also withstands MITM attack and provides end-to-end data security compared to the (Mobile Station) MS to Base Station (BS) only in GSM-R.

show abstract

“…Other than the anomaly-based model, various types of intrusion detection techniques are also used in the defense mechanism. Different machine learning and deep learningbased algorithms are showing high detection accuracy [18]- [21]. For classification type IDS, supervised learning is widely used, and unsupervised learning is usually used for clustering based IDS [22].…”

Section: B Intrusion Detection Systems In Cpsmentioning

confidence: 99%

G-IDS: Generative Adversarial Networks Assisted Intrusion Detection System

Shahriar¹,

Haque²,

Rahman³

et al. 2020

Preprint

View full text Add to dashboard Cite

The boundaries of cyber-physical systems (CPS) and the Internet of Things (IoT) are converging together day by day to introduce a common platform on hybrid systems. Moreover, the combination of artificial intelligence (AI) with CPS creates a new dimension of technological advancement. All these connectivity and dependability are creating massive space for the attackers to launch cyber attacks. To defend against these attacks, intrusion detection system (IDS) has been widely used. However, emerging CPS technologies suffer from imbalanced and missing sample data, which makes the training of IDS difficult. In this paper, we propose a generative adversarial network (GAN) based intrusion detection system (G-IDS), where GAN generates synthetic samples, and IDS gets trained on them along with the original ones. G-IDS also fixes the difficulties of imbalanced or missing data problems. We model a network security dataset for an emerging CPS technologies using NSL KDD-99 dataset and evaluate our proposed model's performance using different metrics. We find that our proposed G-IDS model performs much better in attack detection and model stabilization during the training process than a standalone IDS.

show abstract

A Novel Intrusion Detection Model Using a Fusion of Network and Device States for Communication-Based Train Control Systems

Cited by 15 publications

References 48 publications

Open DGML: Intrusion Detection Based on Open-Domain Generation Meta-Learning

Open DGML: Intrusion Detection Based on Open-Domain Generation Meta-Learning

Security Architecture for Secure Train Control and Monitoring System

G-IDS: Generative Adversarial Networks Assisted Intrusion Detection System

Contact Info

Product

Resources

About