Deep transfer learning for intrusion detection in industrial control networks: A comprehensive review
- URL: http://arxiv.org/abs/2304.10550v2
- Date: Mon, 1 Apr 2024 22:57:46 GMT
- Title: Deep transfer learning for intrusion detection in industrial control networks: A comprehensive review
- Authors: Hamza Kheddar, Yassine Himeur, Ali Ismail Awad
- Abstract summary: This review examines the most recent artificial-intelligence techniques that are used to create intrusion detection systems (IDSs) in industrial control networks.
A particular emphasis is on IDS-based deep transfer learning (DTL).
The algorithms and methods used in several studies are presented, and the principles of DTL-based IDS are presented to the reader.
- Score: 2.6139277283954527
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: Globally, the external internet is increasingly being connected to industrial control systems. As a result, there is an immediate need to protect these networks from a variety of threats. The key infrastructure of industrial activity can be protected from harm using an intrusion detection system (IDS), a preventive mechanism that seeks to recognize new kinds of dangerous threats and hostile activities. This review examines the most recent artificial-intelligence techniques that are used to create IDSs in many kinds of industrial control networks, with a particular emphasis on IDS-based deep transfer learning (DTL). DTL can be seen as a type of information-fusion approach that merges and/or adapts knowledge from multiple domains to enhance the performance of a target task, particularly when labeled data in the target domain is scarce. Publications issued after 2015 were considered. These selected publications were divided into three categories: DTL-only and IDS-only works are examined in the introduction and background section, and DTL-based IDS papers are considered in the core section of this review. By reading this review paper, researchers will be able to gain a better grasp of the current state of DTL approaches used in IDSs in many different types of network. Other useful information, such as the datasets used, the type of DTL employed, the pre-trained network, IDS techniques, the evaluation metrics including accuracy/F-score and false-alarm rate, and the improvements gained, are also covered. The algorithms and methods used in several studies are presented, and the principles of DTL-based IDS subcategories are presented to the reader and illustrated deeply and clearly.
Related papers
- Enhanced Anomaly Detection in Industrial Control Systems aided by Machine Learning [2.2457306746668766]
This study investigates whether combining both network and process data can improve attack detection in ICS environments.
Our findings suggest that integrating network traffic with operational process data can enhance detection capabilities.
Although the results are promising, they are preliminary and highlight the need for further studies.
arXiv Detail & Related papers (2024-10-25T17:41:33Z)
- C-RADAR: A Centralized Deep Learning System for Intrusion Detection in Software Defined Networks [0.0]
We propose the use of deep learning (DL) techniques for intrusion detection in Software Defined Networks (SDNs).
Our results show that the DL-based approach outperforms traditional methods in terms of detection accuracy and computational efficiency.
This technique can be trained to detect new attack patterns and improve the overall security of SDNs.
arXiv Detail & Related papers (2024-08-30T15:39:37Z)
- Deep Reinforcement Learning for Intrusion Detection in IoT: A Survey [0.23408308015481666]
State-of-the-art DRL-based IDS methods have been classified into five categories including wireless sensor network (WSN), deep Q-network (DQN), healthcare, hybrid, and other techniques.
The most crucial performance metrics, namely accuracy, recall, precision, false negative rate (FNR), false positive rate (FPR), and F-measure, are detailed.
arXiv Detail & Related papers (2024-05-30T13:19:23Z)
- Effective Intrusion Detection in Heterogeneous Internet-of-Things Networks via Ensemble Knowledge Distillation-based Federated Learning [52.6706505729803]
We introduce Federated Learning (FL) to collaboratively train a decentralized shared model of Intrusion Detection Systems (IDS).
FLEKD enables a more flexible aggregation method than conventional model fusion techniques.
Experiment results show that the proposed approach outperforms local training and traditional FL in terms of both speed and performance.
arXiv Detail & Related papers (2024-01-22T14:16:37Z)
- A near-autonomous and incremental intrusion detection system through active learning of known and unknown attacks [2.686686221415684]
Intrusion detection is a traditional practice of security experts; however, there are several issues which still need to be tackled.
We present an architecture for a hybrid Intrusion Detection System (IDS) for an adaptive and incremental detection of both known and unknown attacks.
arXiv Detail & Related papers (2023-10-26T14:37:54Z)
- Decompose to Adapt: Cross-domain Object Detection via Feature Disentanglement [79.2994130944482]
We design a Domain Disentanglement Faster-RCNN (DDF) to eliminate the source-specific information in the features for detection task learning.
Our DDF method facilitates the feature disentanglement at the global and local stages, with a Global Triplet Disentanglement (GTD) module and an Instance Similarity Disentanglement (ISD) module.
By outperforming state-of-the-art methods on four benchmark UDA object detection tasks, our DDF method is demonstrated to be effective with wide applicability.
arXiv Detail & Related papers (2022-01-06T05:43:01Z)
- Triggering Failures: Out-Of-Distribution detection by learning from local adversarial attacks in Semantic Segmentation [76.2621758731288]
We tackle the detection of out-of-distribution (OOD) objects in semantic segmentation.
Our main contribution is a new OOD detection architecture called ObsNet associated with a dedicated training scheme based on Local Adversarial Attacks (LAA).
We show it obtains top performances both in speed and accuracy when compared to ten recent methods of the literature on three different datasets.
arXiv Detail & Related papers (2021-08-03T17:09:56Z)
- Towards a Privacy-preserving Deep Learning-based Network Intrusion Detection in Data Distribution Services [0.0]
Data Distribution Service (DDS) is an innovative approach towards communication in ICS/IoT infrastructure and robotics.
Traditional intrusion detection systems (IDS) do not detect any anomalies in the publish/subscribe method.
This report presents an experimental work on simulation and application of Deep Learning for their detection.
arXiv Detail & Related papers (2021-06-12T12:53:38Z)
- Data Mining with Big Data in Intrusion Detection Systems: A Systematic Literature Review [68.15472610671748]
Cloud computing has become a powerful and indispensable technology for complex, high performance and scalable computation.
The rapid rate and volume of data creation has begun to pose significant challenges for data management and security.
The design and deployment of intrusion detection systems (IDS) in the big data setting has, therefore, become a topic of importance.
arXiv Detail & Related papers (2020-05-23T20:57:12Z)
- Progressive Object Transfer Detection [84.48927705173494]
We propose a novel Progressive Object Transfer Detection (POTD) framework.
First, POTD can leverage various object supervision of different domains effectively into a progressive detection procedure.
Second, POTD consists of two delicate transfer stages, i.e., Low-Shot Transfer Detection (LSTD), and Weakly-Supervised Transfer Detection (WSTD).
arXiv Detail & Related papers (2020-02-12T00:16:24Z)
- Survey of Network Intrusion Detection Methods from the Perspective of the Knowledge Discovery in Databases Process [63.75363908696257]
We review the methods that have been applied to network data with the purpose of developing an intrusion detector.
We discuss the techniques used for the capture, preparation and transformation of the data, as well as the data mining and evaluation methods.
As a result of this literature review, we investigate some open issues which will need to be considered for further research in the area of network security.
arXiv Detail & Related papers (2020-01-27T11:21:05Z)
This list is automatically generated from the titles and abstracts of the papers in this site.