2022
DOI: 10.3390/s22062100

Inter-Domain Fusion for Enhanced Intrusion Detection in Power Systems: An Evidence Theoretic and Meta-Heuristic Approach

Abstract: False alerts due to misconfigured or compromised intrusion detection systems (IDS) in industrial control system (ICS) networks can lead to severe economic and operational damage. However, research using deep learning to reduce false alerts often requires the physical and cyber sensor data to be trustworthy. Implicit trust is a major problem for artificial intelligence or machine learning (AI/ML) in cyber-physical system (CPS) security, because when these solutions are most urgently needed is also when they are…

Cited by 5 publications (6 citation statements)
References 31 publications
“…CYPRES EMS also leverages custom logic in IEC 61131 in the SEL Real Time Automation Controller (RTAC) device to detect and respond [25] and incorporates multi-domain multi-sensor cyber-physical data fusion for intrusion detection [26]. To address uncertainty in alerts from the sensors, CYPRES EMS also provides a framework for evidence-theoretic rules of combination [27]. It is important to note that CYPRES EMS works well with and complements existing efforts.…”
Section: B Evolution Of the Problem With The State Of The Art; citation type: mentioning
confidence: 99%
“…• Dempster Shafer-based Fusion IDS: In [27], this IDS is proposed to address uncertainty in alerts to reduce false alert rates. A location-cum-domain based fusion framework is proposed and evaluated with different combination rules, that fuse multiple evidence from inter-domain and intra-domain sensors.…”
Section: ) Intrusion Detection System (Ids) Models; citation type: mentioning
confidence: 99%
“…Hence, other works, for example, Ref. [7], that address aleatory uncertainty through the notion of ignorance (analogous to the impact of a zero-day exploit on the symptoms of an intrusion), can be considered. Further, alerts generated from IDS can act as a data source for the structure learning problem to learn the structure of an attack graph based on the prior structure provided by experts [10].…”
Section: Case Studies; citation type: mentioning
confidence: 99%
“…Every time a new evidence is obtained, the BAG is dynamically updated, as in Figure 7. Updating the posterior based on multiple evidences is similar to our prior work on multi-sensor fusion work [7] based on DSTE and its rules of combination.…”
Section: Understanding the Notion Of Evidence; citation type: mentioning
confidence: 99%