ProIDS: A Segmentation and Segregation-based Process-level Intrusion Detection System for Securing Critical Infrastructures

IF 8.2 | Zone 1, Computer Science | Q1, COMPUTER SCIENCE, INTERDISCIPLINARY APPLICATIONS | Computers in Industry | Pub Date: 2024-08-21 | DOI: 10.1016/j.compind.2024.104147
Citations: 0

Abstract

Critical infrastructures (CIs) are highly susceptible to cyber threats due to their crucial role in the nation and society. Intrusion Detection Systems (IDS) are deployed at the process level to enhance CI security. These process-level IDSs are broadly categorized into univariate and multivariate systems. Our research underscores that both types of systems encounter limitations, especially in handling correlations among process variables (PVs). Univariate IDSs neglect correlations by assessing PVs in isolation, while multivariate IDSs capture these but are vulnerable to evasion attacks. In response, we introduce ProIDS, a novel segmentation and segregation-based process-level IDS. ProIDS leverages the inherent correlations among PVs while segregating them into distinct units to enhance security against evolving threats. This strategic approach ensures the capture of correlations and mitigates the risk of evasion attacks, enhancing the system’s ability to detect abnormal activities. Additionally, ProIDS offers non-parametric modeling for heightened performance, minimal computational overhead, and noise reduction properties. Our comprehensive experiments demonstrate ProIDS’s superiority over baseline methods, delivering precise detection of various attacks while maintaining operational efficiency.

Source journal
Computers in Industry
Category: Engineering & Technology - Computer Science: Interdisciplinary Applications
CiteScore: 18.90
Self-citation rate: 8.00%
Articles published: 152
Review time: 22 days

Journal description: The objective of Computers in Industry is to present original, high-quality, application-oriented research papers that:
• Illuminate emerging trends and possibilities in the utilization of Information and Communication Technology in industry;
• Establish connections or integrations across various technology domains within the expansive realm of computer applications for industry;
• Foster connections or integrations across diverse application areas of ICT in industry.

Latest articles from this journal
• Rapid quality control for recycled coarse aggregates (RCA) streams: Multi-sensor integration for advanced contaminant detection
• Apple varieties and growth prediction with time series classification based on deep learning to impact the harvesting decisions
• Maximum subspace transferability discriminant analysis: A new cross-domain similarity measure for wind-turbine fault transfer diagnosis
• Dual channel visible graph convolutional neural network for microleakage monitoring of pipeline weld homalographic cracks
• Video-based automatic people counting for public transport: On-bus versus off-bus deployment