Big Data against Security Threats: The SPEAR Intrusion Detection System

Pliatsios, Dimitrios; Sarigiannidis, Panagiotis; Psannis, Kostas E.; Goudos, Sotirios K.; Vitsas, V.; Moscholios, Ioannis D.

doi:10.1109/wsce51339.2020.9275580

Cited by 3 publications

(3 citation statements)

References 19 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…One such example is the fact that EKs have evolved beyond file-based methods, with malicious files now existing as memory processes in the operating system in order to evade detection (file-less payloads). This makes even more challenging the detection of EKs at the host level as the delivery payload does not touch the disk and leaves no room for antivirus technology to detect EKs [8]. Thus, we conclude that despite their longevity, EKs are still relevant in the underground malware market as they evolve by adapting to new malware trends.…”

Section: Problem Statement and Motivationmentioning

confidence: 99%

See 1 more Smart Citation

EKnad: Exploit Kits’ network activity detection

Bountakas

Ntantogian

Xenakis

2022

Future Generation Computer Systems

View full text Add to dashboard Cite

Section: Problem Statement and Motivationmentioning

confidence: 99%

“…writing it was the snapshot 2983 8 ). Regarding Suricata, we deployed the Proofpoint Emerging Threat (ET) open ruleset 9 .…”

mentioning

confidence: 99%

EKnad: Exploit Kits’ network activity detection

Bountakas

Ntantogian

Xenakis

2022

Future Generation Computer Systems

View full text Add to dashboard Cite

“…To this end, several security countermeasures have been employed [5] to enhance smart grid security, such as intrusion detection systems (IDSs) [6], [7]. However, IDSs rely heavily on previous knowledge of cyberattack patterns or network behavior.…”

Section: Introductionmentioning

confidence: 99%

A Dynamic Recommendation-based Trust Scheme for the Smart Grid

Pliatsios

Sarigiannidis

Fragulis

et al. 2021

2021 IEEE 7th International Conference on Network Softwarization (NetSoft)

Self Cite

View full text Add to dashboard Cite

The integration of the internet of things (IoT) concept into the traditional electricity grid introduces several critical vulnerabilities. Intrusion detection systems (IDSs) can be effective countermeasures against cyberattacks, however, they require considerable computational and storage resources. As IoT-enabled metering devices have limited resources, IDSs cannot efficiently ensure security. To this end, trust evaluation schemes have emerged as promising solutions toward protecting resource-constrained metering devices. In this work, we proposed a trust evaluation scheme for the smart grid, that is based on direct trust evaluation and recommendation. The proposed hierarchical scheme is able to evaluate the trustiness of each metering device without requiring any significant modifications to the already deployed infrastructure. Additionally, the proposed scheme features is dynamic, meaning that it is robust against nonadversarial events that negatively impact the device's trustiness. To validate the performance of the proposed scheme, we carry out network-level simulations and investigate how the various network parameters impact the trust evaluation performance.

show abstract

Unsupervised BLSTM-Based Electricity Theft Detection with Training Data Contaminated

Liang,

Zhao,

Zhang

et al. 2024

ACM Trans. Cyber-Phys. Syst.

View full text Add to dashboard Cite

Electricity theft can cause economic damage and even increase the risk of outage. Recently, many methods have implemented electricity theft detection on smart meter data. However, how to conduct detection on the dataset without any label still remains challenging. In this paper, we propose a novel unsupervised two-stage approach under the assumption that the training set is contaminated by attacks. Specifically, the method consists of two stages: 1) A Gaussian mixture model (GMM) is employed to cluster consumption patterns with respect to different habits of electricity usage, and with the goal of improving the accuracy of the model in the posterior stage; 2) An attention-based bidirectional Long Short-Term Memory (BLSTM) encoder-decoder scheme is employed to improve the robustness against the non-malicious changes in usage patterns leveraging the process of encoding and decoding. Quantifying the similarity of consumption patterns and reconstruction errors, the anomaly score is defined to improve detection performance. Experiments on a real dataset show that the proposed method outperforms the state-of-the-art unsupervised detectors.

show abstract

Big Data against Security Threats: The SPEAR Intrusion Detection System

Cited by 3 publications

References 19 publications

EKnad: Exploit Kits’ network activity detection

EKnad: Exploit Kits’ network activity detection

A Dynamic Recommendation-based Trust Scheme for the Smart Grid

Unsupervised BLSTM-Based Electricity Theft Detection with Training Data Contaminated

Contact Info

Product

Resources

About