The Role of One-Class Classification in Detecting Cyberattacks in Critical Infrastructures - HAL open archive
Conference paper, Year: 2014

The Role of One-Class Classification in Detecting Cyberattacks in Critical Infrastructures

Abstract

The security of critical infrastructures has gained a lot of attention in the past few years with the growth of cyberthreats and the diversity of cyberattacks. Although traditional IDS frequently update their databases of known attacks, new complex attacks are generated every day to circumvent security systems and to make their detection nearly impossible. This paper outlines the importance of one-class classification algorithms in detecting malicious cyberattacks in critical infrastructures. The role of machine learning algorithms is complementary to IDS and firewalls, and the objective of this work is to detect intentional intrusions once they have already bypassed these security systems. Two approaches are investigated, Support Vector Data Description and Kernel Principal Component Analysis. The impact of the metric in kernels is investigated, and a heuristic for choosing the bandwidth parameter is proposed. Tests are conducted on real data with several types of cyberattacks.
File not deposited

Dates and versions

hal-01965997, version 1 (02-01-2019)

Identifiers

  • HAL Id: hal-01965997, version 1

Cite

Patric Nader, Paul Honeine, Pierre Beauseroy. The Role of One-Class Classification in Detecting Cyberattacks in Critical Infrastructures. Proc. 9th International Conference on Critical Information Infrastructures Security, 2014, Limassol, Cyprus. ⟨hal-01965997⟩