Inter-Domain Fusion for Enhanced Intrusion Detection in Power Systems:
An Evidence Theoretic and Meta-Heuristic Approach
- URL: http://arxiv.org/abs/2111.10484v1
- Date: Sat, 20 Nov 2021 00:05:39 GMT
- Title: Inter-Domain Fusion for Enhanced Intrusion Detection in Power Systems:
An Evidence Theoretic and Meta-Heuristic Approach
- Authors: Abhijeet Sahu and Katherine Davis
- Abstract summary: False alerts due to misconfigured/compromised IDS in ICS networks can lead to severe economic and operational damage.
This work presents an approach for reducing false alerts in CPS power systems by dealing with uncertainty without prior distribution of alerts.
- Score: 0.0
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: False alerts due to misconfigured/compromised IDS in ICS networks can lead
to severe economic and operational damage. To solve this problem, research has
focused on leveraging deep learning techniques that help reduce false alerts.
However, a shortcoming is that these works often require or implicitly assume
the physical and cyber sensors to be trustworthy. Implicit trust of data is a
major problem with using artificial intelligence or machine learning for CPS
security, because during critical attack detection time they are more at risk,
with greater likelihood and impact, of also being compromised. To address this
shortcoming, the problem is reframed on how to make good decisions given
uncertainty. Then, the decision is detection, and the uncertainty includes
whether the data used for ML-based IDS is compromised. Thus, this work presents
an approach for reducing false alerts in CPS power systems by dealing with
uncertainty without the knowledge of prior distribution of alerts.
Specifically, an evidence theoretic based approach leveraging Dempster-Shafer
combination rules is proposed for reducing false alerts. A multi-hypothesis
mass function model is designed that leverages probability scores obtained from
various supervised-learning classifiers. Using this model, a
location-cum-domain based fusion framework is proposed and evaluated with
different combination rules, that fuse multiple evidence from inter-domain and
intra-domain sensors. The approach is demonstrated in a cyber-physical power
system testbed with Man-In-The-Middle attack emulation in a large-scale
synthetic electric grid. For evaluating the performance, plausibility, belief,
pignistic, etc. metrics as decision functions are considered. To improve the
performance, a multi-objective based genetic algorithm is proposed for feature
selection considering the decision metrics as the fitness function.
Related papers
- FaultGuard: A Generative Approach to Resilient Fault Prediction in Smart Electrical Grids [53.2306792009435]
FaultGuard is the first framework for fault type and zone classification resilient to adversarial attacks.
We propose a low-complexity fault prediction model and an online adversarial training technique to enhance robustness.
Our model outclasses the state-of-the-art for resilient fault prediction benchmarking, with an accuracy of up to 0.958.
arXiv Detail & Related papers (2024-03-26T08:51:23Z)
- AI-Based Energy Transportation Safety: Pipeline Radial Threat Estimation Using Intelligent Sensing System [52.93806509364342]
This paper proposes a radial threat estimation method for energy pipelines based on distributed optical fiber sensing technology.
We introduce a continuous multi-view and multi-domain feature fusion methodology to extract comprehensive signal features.
We incorporate the concept of transfer learning through a pre-trained model, enhancing both recognition accuracy and training efficiency.
arXiv Detail & Related papers (2023-12-18T12:37:35Z)
- Investigating Robustness in Cyber-Physical Systems: Specification-Centric Analysis in the face of System Deviations [8.8690305802668]
A critical attribute of cyber-physical systems (CPS) is robustness, denoting its capacity to operate safely.
This paper proposes a novel specification-based robustness, which characterizes the effectiveness of a controller in meeting a specified system requirement.
We present an innovative two-layer simulation-based analysis framework designed to identify subtle robustness violations.
arXiv Detail & Related papers (2023-11-13T16:44:43Z)
- Enhancing Trustworthiness in ML-Based Network Intrusion Detection with Uncertainty Quantification [0.0]
Intrusion Detection Systems (IDSs) are security devices designed to identify and mitigate attacks to modern networks.
Data-driven approaches based on Machine Learning (ML) have gained more and more popularity for executing the classification tasks.
However, typical ML models adopted for this purpose do not properly take into account the uncertainty associated with their prediction.
arXiv Detail & Related papers (2023-09-05T13:52:41Z)
- Uncertainty-Aware AB3DMOT by Variational 3D Object Detection [74.8441634948334]
Uncertainty estimation is an effective tool to provide statistically accurate predictions.
In this paper, we propose a Variational Neural Network-based TANet 3D object detector to generate 3D object detections with uncertainty.
arXiv Detail & Related papers (2023-02-12T14:30:03Z)
- Selective and Features based Adversarial Example Detection [12.443388374869745]
Security-sensitive applications that rely on Deep Neural Networks (DNNs) are vulnerable to small perturbations crafted to generate Adversarial Examples (AEs).
We propose a novel unsupervised detection mechanism that uses the selective prediction, processing model layers outputs, and knowledge transfer concepts in a multi-task learning setting.
Experimental results show that the proposed approach achieves comparable results to the state-of-the-art methods against tested attacks in white box scenario and better results in black and gray boxes scenarios.
arXiv Detail & Related papers (2021-03-09T11:06:15Z)
- Increasing the Confidence of Deep Neural Networks by Coverage Analysis [71.57324258813674]
This paper presents a lightweight monitoring architecture based on coverage paradigms to enhance the model against different unsafe inputs.
Experimental results show that the proposed approach is effective in detecting both powerful adversarial examples and out-of-distribution inputs.
arXiv Detail & Related papers (2021-01-28T16:38:26Z)
- Multi-Source Data Fusion for Cyberattack Detection in Power Systems [1.8914160585516038]
We show that fusing information from multiple data sources can help identify cyber-induced incidents and reduce false positives.
We perform multi-source data fusion for training IDS in a cyber-physical power system testbed.
Results are presented using the proposed data fusion application to infer False Data and Command injection-based Man-in-the-Middle attacks.
arXiv Detail & Related papers (2021-01-18T06:34:45Z)
- Uncertainty-Aware Deep Calibrated Salient Object Detection [74.58153220370527]
Existing deep neural network based salient object detection (SOD) methods mainly focus on pursuing high network accuracy.
These methods overlook the gap between network accuracy and prediction confidence, known as the confidence uncalibration problem.
We introduce an uncertainty-aware deep SOD network, and propose two strategies to prevent deep SOD networks from being overconfident.
arXiv Detail & Related papers (2020-12-10T23:28:36Z)
- Bayesian Optimization with Machine Learning Algorithms Towards Anomaly Detection [66.05992706105224]
In this paper, an effective anomaly detection framework is proposed utilizing Bayesian Optimization technique.
The performance of the considered algorithms is evaluated using the ISCX 2012 dataset.
Experimental results show the effectiveness of the proposed framework in terms of accuracy rate, precision, low-false alarm rate, and recall.
arXiv Detail & Related papers (2020-08-05T19:29:35Z)
- A cognitive based Intrusion detection system [0.0]
Intrusion detection is one of the important mechanisms that provide computer networks security.
This paper proposes a new approach based on Deep Neural Network and Support vector machine classifier.
The proposed model predicts the attacks with better accuracy for intrusion detection rather than similar methods.
arXiv Detail & Related papers (2020-05-19T13:30:30Z)