The Role of One-Class Classification in Detecting Cyberattacks in Critical Infrastructures

Author: Paul Honeine, Patric Nader, Pierre Beauseroy
Contributors: Laboratoire Modélisation et Sûreté des Systèmes (LM2S), Institut Charles Delaunay (ICD), Université de Technologie de Troyes (UTT)-Centre National de la Recherche Scientifique (CNRS); Christos G. Panayiotou, Georgios Ellinas, Elias Kyriakides, Marios M. Polycarpou
Language: English
Year of publication: 2014
Subject:
cybersecurity
Computer science
02 engineering and technology
Intrusion detection system
Computer security
computer.software_genre
one-class
Kernel principal component analysis
[INFO.INFO-LG]Computer Science [cs]/Machine Learning [cs.LG]
[INFO.INFO-TS]Computer Science [cs]/Signal and Image Processing
0202 electrical engineering
electronic engineering
information engineering
One-class classification
[INFO]Computer Science [cs]
ComputingMilieux_MISCELLANEOUS
Heuristic
Bandwidth (signal processing)
[INFO.INFO-CV]Computer Science [cs]/Computer Vision and Pattern Recognition [cs.CV]
020207 software engineering
021001 nanoscience & nanotechnology
Support vector machine
Statistical classification
machine learning
Metric (mathematics)
0210 nano-technology
computer
[SPI.SIGNAL]Engineering Sciences [physics]/Signal and Image processing
Source: Proc. 9th International Conference on Critical Information Infrastructures Security (CRITIS), 2014, Limassol, Cyprus
Christos G. Panayiotou, Georgios Ellinas, Elias Kyriakides and Marios M. Polycarpou (eds.). Critical Information Infrastructures Security, vol. 25, Springer, pp. 244-255, 2016, ISBN 978-3-319-31663-5
Description: International audience; The security of critical infrastructures has gained a lot of attention in the past few years with the growth of cyberthreats and the diversity of cyberattacks. Although traditional IDSs frequently update their databases of known attacks, new complex attacks are generated every day to circumvent security systems and make their detection nearly impossible. This paper outlines the importance of one-class classification algorithms in detecting malicious cyberattacks in critical infrastructures. The role of machine learning algorithms is complementary to IDSs and firewalls, and the objective of this work is to detect intentional intrusions once they have already bypassed these security systems. Two approaches are investigated: Support Vector Data Description and Kernel Principal Component Analysis. The impact of the metric used in the kernels is investigated, and a heuristic for choosing the bandwidth parameter is proposed. Tests are conducted on real data with several types of cyberattacks.
Database: OpenAIRE