A Two Stage Intrusion Detection System for Industrial Control Networks Based on Ethernet/IP

Yu, Wenbin; Wang, Yiyin; Song, Lei

doi:10.3390/electronics8121545

Cited by 12 publications

(4 citation statements)

References 33 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In [6] a spatiotemporal characterization of cyberattacks for detecting cyberattacks is proposed using a stochastic graph model to represent these cyberattacks in time and space. In [7], the area of industrial control networks is addressed with a two-stage intrusion detection system, including a traffic prediction model and an anomaly detection model. A chatbot is proposed in [8] for detecting online sex offenders, based on an Artificial Conversational Entity (ACE) that connects to different online chat services to start a conversation.…”

Section: The Present Issuementioning

confidence: 99%

Advanced Cybersecurity Services Design

Villagrá

2022

Electronics

View full text Add to dashboard Cite

show abstract

Section: The Present Issuementioning

confidence: 99%

Advanced Cybersecurity Services Design

Villagrá

2022

Electronics

View full text Add to dashboard Cite

show abstract

“…The research status of abnormal traffic detection based on mathematical statistics is shown in literature [4]. The research status of abnormal traffic detection and detection model based on field protocol is as follows: Yu et al proposed to use ARIMA based traffic prediction model to predict short-term traffic, and single-class support vector machine to detect malicious instructions by analyzing key fields in Ethernet /IP packets [5].The basic idea of the abnormal traffic detection method based on machine learning is to take the network traffic data as the training set and use the machine learning algorithm to extract and train the data features. Ding Hongwei et al proposed an anomaly detection model by combining deep autocoding network and BP algorithm [6].The detection accuracy of this model is improved obviously.…”

Section: Introductionmentioning

confidence: 99%

“…Ding Hongwei et al proposed an anomaly detection model by combining deep autocoding network and BP algorithm [6].The detection accuracy of this model is improved obviously. Kuang proposed to improve the pooling method of convolutional neural network to dynamic adaptive pooling, and integrate it into the detection of abnormal network traffic [7].Eduardo et al proposed a network abnormal traffic detection method based on hybrid statistical technology and SOM [8].Kim et al proposed a network abnormal traffic detection method based on C-LSTM-DNN [9]. M Sheikhan et al proposed a network abnormal traffic detection method based on multi-layer perceptron (MLP) [10].…”

Section: Introductionmentioning

confidence: 99%

Research on abnormal network traffic detection method based on machine learning

Tan¹,

Jia²

2023

Third International Conference on Machine Learning and Computer Application (ICMLCA 2022)

View full text Add to dashboard Cite

“…However, anomaly detection performance was not effectual. A two‐stage intrusion detection system was employed in Reference 13 for finding infiltration attacks, forging attacks, and false data injection attacks with higher accuracy. But intrusion detection accuracy was not improved.…”

Section: Introductionmentioning

confidence: 99%

Bipolar fully recurrent deep structured neural learning based attack detection for securing industrial sensor networks

Alzubi

2020

Trans Emerging Tel Tech

View full text Add to dashboard Cite

Attack detection is a significant problem to be resolved to attain security in industrial sensor network. Few research works have been designed for performing attack discovery process with the help of different classification algorithms. However, classification performance was lowered to accurately find attack nodes and thereby getting higher security level (SL). In order to overcome such limitations, bipolar fully recurrent deep structured neural learning based attack detection (BFRDSNL‐AD) technique is proposed in this article. The BFRDSNL‐AD technique comprises of three main layers, namely, input, hidden, and output layer to accurately carry‐out attack detection process. The input layer in BFRDSNL‐AD Technique takes a number of sensor nodes as input. The designed BFRDSNL‐AD technique utilized numbers of hidden layers in order to deeply examine each sensor node in industrial sensor network. The result of the hidden layer is fed‐back into the network along with the inputs in order to discover the temporal dynamic behavior of sensor nodes. In BFRDSNL‐AD technique, output layer applies bipolar activation function to determine the association between identified node features to give attack detection result. If the output layer result is 1, then sensor node is considered as normal. Otherwise, sensor node is considered as malicious attack in industrial sensor network. Thus, the BFRDSNL‐AD technique increases the attack detection performance with higher accuracy and minimal time. From that, BFRDSNL‐AD technique gets enhanced SL in industrial sensor network. The simulation of BFRDSNL‐AD technique is conducted using metrics such as security, data delivery rate, data loss rate, and delay with respect to a different number of sensor nodes and data packets.

show abstract

A Two Stage Intrusion Detection System for Industrial Control Networks Based on Ethernet/IP

Cited by 12 publications

References 33 publications

Advanced Cybersecurity Services Design

Advanced Cybersecurity Services Design

Research on abnormal network traffic detection method based on machine learning

Bipolar fully recurrent deep structured neural learning based attack detection for securing industrial sensor networks

Contact Info

Product

Resources

About