Analyzing anomalies in industrial networks: A data-driven approach to enhance security in manufacturing processes

IF 5.4 2区 计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS Computers & Security Pub Date : 2025-06-01 Epub Date: 2025-02-28 DOI:10.1016/j.cose.2025.104395
Karel Kuchar, Radek Fujdiak
{"title":"Analyzing anomalies in industrial networks: A data-driven approach to enhance security in manufacturing processes","authors":"Karel Kuchar,&nbsp;Radek Fujdiak","doi":"10.1016/j.cose.2025.104395","DOIUrl":null,"url":null,"abstract":"<div><div>Industrial networks are adapted to their specific requirements, especially in terms of industrial processes. To ensure sufficient security in these networks, it is necessary to set and use security policies that complement government regulations, recommendations, and relevant security standards. This paper aims to provide an in-depth analysis of the anomalies occurring within the networks and propose a structure for collecting valuable data from the experimental site based on dividing anomalies into three main categories: security, operational, and service anomalies (and regular traffic recognition). We present a proof-of-concept solution/design aggregating data in industrial networks for advanced anomaly classification. Multiple data sources such as industrial communication, sensor data (additional sensors controlling device behavior), and HW status data are used as data sources. A total of three scenarios (using a physical testbed) were implemented, where we achieved an accuracy of 0.8541/0.9972 in advanced anomaly classification.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"153 ","pages":"Article 104395"},"PeriodicalIF":5.4000,"publicationDate":"2025-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computers & Security","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0167404825000847","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"2025/2/28 0:00:00","PubModel":"Epub","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0

Abstract

Industrial networks are adapted to their specific requirements, especially in terms of industrial processes. To ensure sufficient security in these networks, it is necessary to set and use security policies that complement government regulations, recommendations, and relevant security standards. This paper aims to provide an in-depth analysis of the anomalies occurring within the networks and propose a structure for collecting valuable data from the experimental site based on dividing anomalies into three main categories: security, operational, and service anomalies (and regular traffic recognition). We present a proof-of-concept solution/design aggregating data in industrial networks for advanced anomaly classification. Multiple data sources such as industrial communication, sensor data (additional sensors controlling device behavior), and HW status data are used as data sources. A total of three scenarios (using a physical testbed) were implemented, where we achieved an accuracy of 0.8541/0.9972 in advanced anomaly classification.
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
分析工业网络中的异常:提高制造过程安全性的数据驱动方法
工业网络适应其特定需求,特别是在工业过程方面。为了在这些网络中确保足够的安全性,有必要设置和使用安全策略,以补充政府法规、建议和相关安全标准。本文旨在对网络中发生的异常进行深入分析,并在将异常分为安全、操作和服务异常(以及常规流量识别)三大类的基础上,提出一种从实验站点收集有价值数据的结构。我们提出了一个概念验证解决方案/设计在工业网络中聚合数据用于高级异常分类。多个数据源,如工业通信、传感器数据(控制设备行为的附加传感器)和硬件状态数据被用作数据源。总共实现了三种场景(使用物理测试平台),其中我们在高级异常分类中获得了0.8541/0.9972的准确性。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
Computers & Security
Computers & Security 工程技术-计算机:信息系统
CiteScore
12.40
自引率
7.10%
发文量
365
审稿时长
10.7 months
期刊介绍: Computers & Security is the most respected technical journal in the IT security field. With its high-profile editorial board and informative regular features and columns, the journal is essential reading for IT security professionals around the world. Computers & Security provides you with a unique blend of leading edge research and sound practical management advice. It is aimed at the professional involved with computer security, audit, control and data integrity in all sectors - industry, commerce and academia. Recognized worldwide as THE primary source of reference for applied research and technical expertise it is your first step to fully secure systems.
期刊最新文献
RanDS: A large-Scale open dataset of raw binaries and extracted features for ransomware research Unifying mixed boolean-arithmetic obfuscation by architectural and anti-generalization hardening Bridging industrial control systems design and testing through threat modeling-driven penetration testing - a microgrid case study Modeling of physical unclonable functions (PUF): A systematic literature review A hybrid machine learning and cryptography-based predictive probability model for enhancing security and privacy in cloud-IoT environment
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1