Intrusion detection system framework for cyber-physical systems

Shafiq ur Rehman, Hisham Alhulayyil, Taher Alzahrani, Hatoon AlSagri, Muhammad U. Khalid, Volker Gruhn

Egyptian Informatics Journal, volume 30, Article 100600. Publication date: 2025-06-01. DOI: 10.1016/j.eij.2024.100600
https://www.sciencedirect.com/science/article/pii/S1110866524001634
Citation count: 0
Abstract
Cyber-Physical Systems (CPS) have become integral components across diverse sectors, including autonomous vehicle systems, healthcare, power distribution, and manufacturing. These systems leverage physical components enhanced with intelligent capabilities, enabling autonomous functionality and increased efficiency. Security is a critical concern for CPS due to their close integration with essential infrastructure, where failures can have severe consequences for both the physical environment and human lives. Intrusion Detection Systems (IDS) can be a vital tool for secure CPS, detecting and alerting against threats such as malicious activities. However, conventional IDS designs are often inadequate for CPS environments, typically focusing solely on the network (Network-based Intrusion Detection System or NIDS) or application layer (Host-based Intrusion Detection System or HIDS), while neglecting the physical layer. Therefore, this research proposes a novel IDS framework that employs a hybrid detection approach, along with comprehensive guidelines for intrusion detection specifically tailored to CPS. This initiative contributes towards establishing a cohesive IDS framework for CPS, empowering practitioners in navigating this domain and crafting bespoke intrusion detection solutions. The proposed approach has been rigorously evaluated through a comparative analysis of different methodologies, demonstrating the effectiveness of the guidelines and requirements in addressing all relevant security aspects for IDS design. This research provides CPS practitioners and researchers with actionable guidelines designed to effectively enhance the security posture of their systems. By implementing these guidelines, they can better protect against threats and mitigate their potential consequences, thereby contributing to the security of Industry 4.0. 
This proactive approach not only secures critical infrastructure but also fosters a more resilient and secure operational environment in the face of evolving cyber threats.
About the journal:
The Egyptian Informatics Journal is published by the Faculty of Computers and Artificial Intelligence, Cairo University. This Journal provides a forum for the state-of-the-art research and development in the fields of computing, including computer sciences, information technologies, information systems, operations research and decision support. Innovative and not-previously-published work in subjects covered by the Journal is encouraged to be submitted, whether from academic, research or commercial sources.