Beatriz Otero Calviño, Eva Rodriguez, Juan José Costa, Mercedes Oriol
Enhancing cybersecurity in railways: Machine learning approaches for attack detection
International Journal of Critical Infrastructure Protection, volume 50, Article 100788. Published 2025-08-08. Journal Article.
DOI: 10.1016/j.ijcip.2025.100788
https://www.sciencedirect.com/science/article/pii/S1874548225000496
Citations: 0
Abstract
Ensuring the security of railway systems is crucial to protecting both passengers and infrastructure from the increasing threat of cyberattacks. As these threats grow in complexity and frequency, the need for resilient attack detection systems becomes more pressing.
This study tackles the challenge of attack detection in railway systems using machine learning techniques. By integrating Generative Adversarial Networks (GANs), Convolutional Neural Networks (CNNs), and Transfer Learning (TL), we enhance detection accuracy and develop a robust approach capable of identifying both known and emerging threats. Our methodology utilized the Electra Modbus dataset as the source domain and was transferred to the Electra S7Comm dataset as the target domain. Experimental results highlight the effectiveness of GAN-based data augmentation in mitigating the scarcity of attack samples, enhancing both the robustness and generalizability of our detection models. Additionally, the application of pre-trained models through transfer learning played a crucial role in achieving superior performance. Our proposed solution can be deployed within railway networks to strengthen security measures, enabling proactive responses to cyber threats, safeguarding critical infrastructure, and ensuring uninterrupted operations.
About the journal:
The International Journal of Critical Infrastructure Protection (IJCIP) was launched in 2008, with the primary aim of publishing scholarly papers of the highest quality in all areas of critical infrastructure protection. Of particular interest are articles that weave science, technology, law and policy to craft sophisticated yet practical solutions for securing assets in the various critical infrastructure sectors. These critical infrastructure sectors include: information technology, telecommunications, energy, banking and finance, transportation systems, chemicals, critical manufacturing, agriculture and food, defense industrial base, public health and health care, national monuments and icons, drinking water and water treatment systems, commercial facilities, dams, emergency services, nuclear reactors, materials and waste, postal and shipping, and government facilities. Protecting and ensuring the continuity of operation of critical infrastructure assets are vital to national security, public health and safety, economic vitality, and societal wellbeing.
The scope of the journal includes, but is not limited to:
1. Analysis of security challenges that are unique or common to the various infrastructure sectors.
2. Identification of core security principles and techniques that can be applied to critical infrastructure protection.
3. Elucidation of the dependencies and interdependencies existing between infrastructure sectors and techniques for mitigating the devastating effects of cascading failures.
4. Creation of sophisticated yet practical solutions for critical infrastructure protection that involve mathematical, scientific and engineering techniques, economic and social science methods, and/or legal and public policy constructs.