An Improved Rough Set Theory based Feature Selection Approach for Intrusion Detection in SCADA Systems

Priyanga, S.; Raman, Mrigank; Jagtap, Sujeet S.; Aswin, N.; Kirthivasan, Kannan; Sriram, V. S. Shankar

doi:10.3233/jifs-169960

Cited by 15 publications

(8 citation statements)

References 29 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The error backpropagation has been regarded as a gradient descent method, which can usually be used to solve the gradient problem. The global gradient solution is transformed into the local gradient solution, which simplifies the calculation process [24]. The current output of a sequence of recurrent neural networks (RNN) is affected by both the current input and the previous output.…”

Section: Long-short-term Memory Networkmentioning

confidence: 99%

“…Therefore, intrusion data presents the characteristics of large samples and high dimensions. When the PCA feature extraction model is applied to a large number of data samples, the problem of incomplete feature expression will lead to an increase in the false-positive rate of detection [24]. Deep learning has more advantages in processing large samples and high-dimensional data.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Network Intrusion Detection Based on an Improved Long‐Short‐Term Memory Model in Combination with Multiple Spatiotemporal Structures

Huang

2021

Wireless Communications and Mobile Computing

View full text Add to dashboard Cite

Aimed at the existing problems in network intrusion detection, this paper proposes an improved LSTM combined with spatiotemporal structure for intrusion detection. The unsupervised spatiotemporal encoder is used to intelligently extract the spatial characteristics of network traffic data samples. It can not only retain the overall/nonlocal characteristics of the data samples but also extract the most essential deep features of the data samples. Finally, the extracted features are used as input of the LSTM model to realize classification and identification for intrusion samples. Experimental verification shows that the accuracy and false alarm rate of the intrusion detection model based on the neural network are significantly better than those of other traditional models.

show abstract

Section: Long-short-term Memory Networkmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Network Intrusion Detection Based on an Improved Long‐Short‐Term Memory Model in Combination with Multiple Spatiotemporal Structures

Huang

2021

Wireless Communications and Mobile Computing

View full text Add to dashboard Cite

show abstract

“…An anomaly detector can be considered as a black box that receives data in real-time from an operational plant, such as SWaT. Generally, the application of machine learning algorithms for anomaly detection in ICS can be broadly categorized (i) Models that operates over the relationship among the feature vectors for anomaly detection [25,28], and (ii) models that predict the behavior of ICS and detects anomalies in case of any discrepancies between the actual and predicted behavior [29]. These models are built using data from an operational plant where the detector is intended to be deployed.…”

Section: Anomalies Detection and Development Stagesmentioning

confidence: 99%

“…Challenge 1: Supervised vs unsupervised Learning: Recently, there have been studies where supervised machine learning is used for attack detection [7,14,[25][26][27]. Although these models possess a high detection rate and generate few false alarms for known attacks, they fail to detect the unknown or new attacks due to the lack of signatures.…”

Section: Challenges: Model Creationmentioning

confidence: 99%

Challenges in Machine Learning based approaches for Real-Time Anomaly Detection in Industrial Control Systems

Ahmed

Mathur

2020

Proceedings of the 6th ACM on Cyber-Physical System Security Workshop

View full text Add to dashboard Cite

Data-centric approaches are becoming increasingly common in the creation of defense mechanisms for critical infrastructure such as the electric power grid and water treatment plants. Such approaches often use well-known methods from machine learning and system identification, i.e., the Multi-Layer Perceptron, Convolutional Neural Network, and Deep Auto Encoders to create process anomaly detectors. Such detectors are then evaluated using data generated from an operational plant or a simulator; rarely is the assessment conducted in real time on a live plant. Regardless of the method to create an anomaly detector, and the data used for performance evaluation, there remain significant challenges that ought to be overcome before such detectors can be deployed with confidence in city-scale plants or large electric power grids. This position paper enumerates such challenges that the authors have faced when creating data-centric anomaly detectors and using them in a live plant. CCS CONCEPTS • Security and privacy → Intrusion/anomaly detection; • Computer systems organization → Sensors and actuators; Embedded systems; Dependable and fault-tolerant systems and networks.

show abstract

“…The experimental outcome determines the scope and significant dissemination direction of finding events from a new perspective which demonstrates 96% of improved event detection accuracy. In [5], authors propose a novel filter-based feature selection approach for the identification of informative features based on Rough Set Theory and Hyper-clique based Binary Whale Optimization Algorithm (RST-HCBWoA). Experiments were carried out by Power system attack dataset and the performance of RST-HCBWoA was evaluated in terms of reduct size, precision, recall, classification accuracy, and time complexity.…”

mentioning

confidence: 99%

Intelligent, smart and scalable cyber-physical systems

Vijayakumar

Subramaniyaswamy

Abawajy

et al. 2019

IFS

View full text Add to dashboard Cite

The integration of human physical processes with the computation has created a new paradigm called Cyber-Physical Systems (CPS). The CPSs control the physical processes by utilizing the computational intelligence to acquire the deep knowledge of the monitored environment. Hence the CPSs are designed to be intelligent to provide highly accurate decisions and appropriate actions promptly. The rapidly growing interconnections between the virtual and physical worlds and the development of new intelligent techniques have created new opportunities for the research for next-generation CPS, that is intelligent cyber-physical systems (iCPS). The iCPS are large-scale software intensive and pervasive systems, which by combining various data sources (both from physical objects and virtual components) and applying intelligence techniques, can efficiently manage real-world processes and offers a broad range of novel applications and services. By equipping physical objects with interfaces to the virtual world, and incorporating intelligent mechanisms to leverage collaboration between these objects, the boundaries between the physical and virtual worlds become blurred. Interactions occurring in the physical world are capable of changing the processinga behavior in the virtual world, in a causal relationship

show abstract

An Improved Rough Set Theory based Feature Selection Approach for Intrusion Detection in SCADA Systems

Cited by 15 publications

References 29 publications

Network Intrusion Detection Based on an Improved Long‐Short‐Term Memory Model in Combination with Multiple Spatiotemporal Structures

Network Intrusion Detection Based on an Improved Long‐Short‐Term Memory Model in Combination with Multiple Spatiotemporal Structures

Challenges in Machine Learning based approaches for Real-Time Anomaly Detection in Industrial Control Systems

Intelligent, smart and scalable cyber-physical systems

Contact Info

Product

Resources

About