Published in: Annals of Telecommunications 11-12/2022

28.01.2022

Anomaly detection for ICS based on deep learning: a use case for aeronautical radar data

Authors: Théobald de Riberolles, Yunkai Zou, Guthemberg Silvestre, Emmanuel Lochin, Jiefu Song


Abstract

Industrial control systems (ICS) are no longer restricted to industrial production. They are also at the heart of safety-critical systems and carry key information with strong availability and integrity requirements. Furthermore, they are gradually being connected to the Internet. In the context of Air Traffic Management, safety-critical data are generally time series that contain periodic events. Anomalies are hard to detect because little is known about the traffic characteristics and the kinds of anomalies that may be encountered. Consequently, detecting them is challenging, as it requires a detection accuracy that is currently unfeasible with traditional methods based on anomaly signatures or predictions. To cope with this issue, we introduce an anomaly detection method for ICS based on Long Short-Term Memory (LSTM) that outperforms the accuracy of traditional methods. We experiment with and develop our method on one major dataset containing French civil aviation radar data. We then evaluate our scheme on different datasets containing ICS monitoring data (publicly available predictable time series data) and show that our autoencoder can detect anomalies in predictable time series and presents a higher detection rate on average than traditional detection methods.


Footnotes

4. ASTERIX stands for STructured Eurocontrol suRveillance Information eXchange and is the EUROCONTROL (European Organisation for the Safety of Air Navigation) standard for the exchange of surveillance-related data.

5. Scapy is a packet manipulation tool for computer networks.

6. In this paper the terms packet and frame have the same meaning.

7. A detection category for SSR Mode S.

8. Note that the situation causing false alarms is mainly the change of the angle parameter near the period value, i.e. the wrap-around of the angle at the end of each period. One improvement is to convert the polar coordinates into Cartesian coordinates. In addition, the suspicious data mentioned above will also cause false alarms to some extent.
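Footnote 8 attributes most false alarms to the angle wrapping around at the end of each period and suggests a Cartesian representation instead. The following added example (not code from the paper) illustrates that point on a constructed azimuth series: a simple per-step change threshold stands in for the autoencoder's reconstruction-error decision, and the same series is scored once on the raw polar angle and once after projection onto the unit circle. The series, the injected 90-degree jump and the thresholds are all assumptions made for the illustration.

```python
import math

def azimuth_series(n_points, step_deg=10.0):
    """Constructed sample: a rotating antenna reports azimuth in degrees,
    advancing step_deg per report and wrapping from 350 back to 0."""
    return [(i * step_deg) % 360.0 for i in range(n_points)]

def polar_deltas(angles):
    """Naive feature: absolute change between consecutive raw azimuths.
    At the wrap-around (350 -> 0) this reads 350 although motion is normal."""
    return [abs(b - a) for a, b in zip(angles, angles[1:])]

def cartesian_deltas(angles):
    """Improved feature: map each azimuth to (cos, sin) on the unit circle and
    measure the Euclidean change. The wrap-around becomes an ordinary step."""
    pts = [(math.cos(math.radians(a)), math.sin(math.radians(a))) for a in angles]
    return [math.hypot(x2 - x1, y2 - y1)
            for (x1, y1), (x2, y2) in zip(pts, pts[1:])]

def flag_anomalies(deltas, threshold):
    """Indices of samples whose change exceeds the threshold; this stands in
    for the detector's 'reconstruction error above threshold' decision."""
    return [i + 1 for i, d in enumerate(deltas) if d > threshold]

def demo():
    """Score a nominal series and one with a constructed 90-degree jump at
    sample 50, in both representations, with equivalent thresholds."""
    nominal = azimuth_series(72)           # two full revolutions
    anomalous = list(nominal)
    anomalous[50] += 90.0                  # constructed anomaly: 140 -> 230
    thr_deg = 30.0                         # three normal steps
    thr_chord = 2 * math.sin(math.radians(thr_deg / 2))  # same angle as a chord
    return {
        "polar_nominal": flag_anomalies(polar_deltas(nominal), thr_deg),
        "cartesian_nominal": flag_anomalies(cartesian_deltas(nominal), thr_chord),
        "polar_anomalous": flag_anomalies(polar_deltas(anomalous), thr_deg),
        "cartesian_anomalous": flag_anomalies(cartesian_deltas(anomalous), thr_chord),
    }

if __name__ == "__main__":
    for name, hits in demo().items():
        print(f"{name:20s} flagged samples: {hits}")
```

On the nominal series the polar feature raises a false alarm at the wrap-around (sample 36) while the Cartesian feature raises none; on the anomalous series both flag the injected jump (samples 50 and 51), so the conversion removes the false alarm without losing the true detection.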
 
Metadata

Title: Anomaly detection for ICS based on deep learning: a use case for aeronautical radar data
Authors: Théobald de Riberolles, Yunkai Zou, Guthemberg Silvestre, Emmanuel Lochin, Jiefu Song
Publication date: 28.01.2022
Publisher: Springer International Publishing
Published in: Annals of Telecommunications / Issue 11-12/2022
Print ISSN: 0003-4347
Electronic ISSN: 1958-9395
DOI: https://doi.org/10.1007/s12243-021-00902-7