Teaching the process of building an Intrusion Detection System using data from a small‐scale SCADA testbed

Μαγλαράς, Λέανδρος; Cruz, Tiago; Ferrag, Mohamed Amine; Janicke, Helge

doi:10.1002/itl2.132

Cited by 10 publications

(2 citation statements)

References 15 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Very often, cyber ranges, cyber security training and simulation platforms are used to support learning activities, giving students the opportunity to participate in realistic scenarios [4], assuming specific roles based on the nature of the exercises (for example, in red/blue team drills). This is true, for example, of the cybersecurity curricula offered at De Montfort University (UK) [5] and Coimbra (PT) Universities [6]. Also within this scope, Trabelsi et al [7] developed a technique for introducing essential concepts such as network keylogging and eavesdropping threats, after considering existing approaches to teaching cybersecurity-related topics.…”

Section: A Quick Review Of Testbeds and Cyber Ranges For Training And Researchmentioning

confidence: 99%

Down the Rabbit Hole: Fostering Active Learning through Guided Exploration of a SCADA Cyber Range

Cruz

Simões

2021

Applied Sciences

Self Cite

View full text Add to dashboard Cite

Prior experience from the authors has shown that a heavily theoretical approach for cybersecurity training has multiple shortcomings, mostly due to the demanding and diversified nature of the prerequisites, often involving concepts about operating system design, networking and computer architecture, among others. In such circumstances, the quest for trainee engagement often turns into a delicate balancing act between managing their expectations and providing an adequate progression path. In this perspective, hands-on exercises and contact with high-fidelity environments play a vital part in fostering interest and promoting a rewarding learning experience. Making this possible requires having the ability to design and deploy different use case training scenarios in a flexible way, tailored to the specific needs of classroom-based, blended or e-learning teaching models. This paper presents a flexible framework for the creation of laboratory and cyber range environments for training purposes, detailing the development, implementation and exploration of a cyber range scenario, within the scope of a course on cyber-physical systems security. Moreover, the course structure, curricular aspects and teaching methods are also detailed, as well as the feedback obtained from the students.

show abstract

Section: A Quick Review Of Testbeds and Cyber Ranges For Training And Researchmentioning

confidence: 99%

Down the Rabbit Hole: Fostering Active Learning through Guided Exploration of a SCADA Cyber Range

Cruz

Simões

2021

Applied Sciences

Self Cite

View full text Add to dashboard Cite

show abstract

“…Along with other preventive security mechanisms, such as access control and authentication, intrusion detection systems (IDSs) are deployed as a second line of defense. IDSs based on some specific rules or patterns of the normal behavior of the system can distinguish between normal and malicious actions [4,5].…”

Section: Introductionmentioning

confidence: 99%

RDTIDS: Rules and Decision Tree-Based Intrusion Detection System for Internet-of-Things Networks

et al. 2020

Self Cite

View full text Add to dashboard Cite

This paper proposes a novel intrusion detection system (IDS), named RDTIDS, for Internet-of-Things (IoT) networks. The RDTIDS combines different classifier approaches which are based on decision tree and rules-based concepts, namely, REP Tree, JRip algorithm and Forest PA. Specifically, the first and second method take as inputs features of the data set, and classify the network traffic as Attack/Benign. The third classifier uses features of the initial data set in addition to the outputs of the first and the second classifier as inputs. The experimental results obtained by analyzing the proposed IDS using the CICIDS2017 dataset and BoT-IoT dataset, attest their superiority in terms of accuracy, detection rate, false alarm rate and time overhead as compared to state of the art existing schemes.

show abstract

Online ontological quality assessment of converted UML class diagrams in SRE

Chen

Tai

2023

Autom Softw Eng

View full text Add to dashboard Cite

Teaching the process of building an Intrusion Detection System using data from a small‐scale SCADA testbed

Cited by 10 publications

References 15 publications

Down the Rabbit Hole: Fostering Active Learning through Guided Exploration of a SCADA Cyber Range

Down the Rabbit Hole: Fostering Active Learning through Guided Exploration of a SCADA Cyber Range

RDTIDS: Rules and Decision Tree-Based Intrusion Detection System for Internet-of-Things Networks

Online ontological quality assessment of converted UML class diagrams in SRE

Contact Info

Product

Resources

About