资源受限工业信息物理系统轻量级慢速攻击检测框架

IF 4.8 2区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Computers & Security Pub Date : 2025-05-09 DOI:10.1016/j.cose.2025.104508

Farzana Zahid , Matthew M.Y. Kuo , Roopak Sinha

{"title":"资源受限工业信息物理系统轻量级慢速攻击检测框架","authors":"Farzana Zahid , Matthew M.Y. Kuo , Roopak Sinha","doi":"10.1016/j.cose.2025.104508","DOIUrl":null,"url":null,"abstract":"<div><div><em>Industrial</em> Cyber–Physical Systems (ICPS) are heterogeneous computer systems interacting with physical processes in an industrial environment. The presence of numerous interconnected components poses significant security threats to ICPS. Slow-Rate Attacks (SRA), in which attackers attack a system constantly at low volumes, are difficult to detect for resource-constrained ICPS computers like programmable logic controllers (PLC). We propose an optimised light-weight active security framework for SRA detection based on Online Sequential Extreme Learning Machine (OSELM). We optimise the memory and space footprint of OSELM for deployment in resource-constrained ICPS. Additionally, a simple stratified k-fold cross training method improves the performance and accuracy of binary and multi-class SRA detection. Compared to existing methods, our technique requires less space and reduces attack detection time by at least 95%.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"156 ","pages":"Article 104508"},"PeriodicalIF":4.8000,"publicationDate":"2025-05-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Light-weight slow-rate attack detection framework for resource-constrained Industrial Cyber–Physical Systems\",\"authors\":\"Farzana Zahid , Matthew M.Y. Kuo , Roopak Sinha\",\"doi\":\"10.1016/j.cose.2025.104508\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><div><em>Industrial</em> Cyber–Physical Systems (ICPS) are heterogeneous computer systems interacting with physical processes in an industrial environment. The presence of numerous interconnected components poses significant security threats to ICPS. Slow-Rate Attacks (SRA), in which attackers attack a system constantly at low volumes, are difficult to detect for resource-constrained ICPS computers like programmable logic controllers (PLC). We propose an optimised light-weight active security framework for SRA detection based on Online Sequential Extreme Learning Machine (OSELM). We optimise the memory and space footprint of OSELM for deployment in resource-constrained ICPS. Additionally, a simple stratified k-fold cross training method improves the performance and accuracy of binary and multi-class SRA detection. Compared to existing methods, our technique requires less space and reduces attack detection time by at least 95%.</div></div>\",\"PeriodicalId\":51004,\"journal\":{\"name\":\"Computers & Security\",\"volume\":\"156 \",\"pages\":\"Article 104508\"},\"PeriodicalIF\":4.8000,\"publicationDate\":\"2025-05-09\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Computers & Security\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S016740482500197X\",\"RegionNum\":2,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computers & Security","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S016740482500197X","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

摘要

工业信息物理系统（ICPS）是在工业环境中与物理过程相互作用的异构计算机系统。大量互连组件的存在对ICPS构成了重大的安全威胁。慢速攻击（Slow-Rate Attacks， SRA）是指攻击者持续对系统进行低容量的攻击，对于资源受限的ICPS计算机，如可编程逻辑控制器（PLC）来说，这种攻击很难被检测到。我们提出了一种基于在线顺序极限学习机（OSELM）的SRA检测的优化轻量级主动安全框架。我们优化了OSELM的内存和空间占用，以便在资源受限的ICPS中部署。此外，一种简单的分层k-fold交叉训练方法提高了二值和多类SRA检测的性能和准确性。与现有方法相比，我们的技术需要更少的空间，并且将攻击检测时间减少了至少95%。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Light-weight slow-rate attack detection framework for resource-constrained Industrial Cyber–Physical Systems

Industrial Cyber–Physical Systems (ICPS) are heterogeneous computer systems interacting with physical processes in an industrial environment. The presence of numerous interconnected components poses significant security threats to ICPS. Slow-Rate Attacks (SRA), in which attackers attack a system constantly at low volumes, are difficult to detect for resource-constrained ICPS computers like programmable logic controllers (PLC). We propose an optimised light-weight active security framework for SRA detection based on Online Sequential Extreme Learning Machine (OSELM). We optimise the memory and space footprint of OSELM for deployment in resource-constrained ICPS. Additionally, a simple stratified k-fold cross training method improves the performance and accuracy of binary and multi-class SRA detection. Compared to existing methods, our technique requires less space and reduces attack detection time by at least 95%.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Computers & Security 工程技术-计算机：信息系统

CiteScore

12.40

自引率

7.10%

发文量

365

审稿时长

10.7 months

期刊介绍： Computers & Security is the most respected technical journal in the IT security field. With its high-profile editorial board and informative regular features and columns, the journal is essential reading for IT security professionals around the world. Computers & Security provides you with a unique blend of leading edge research and sound practical management advice. It is aimed at the professional involved with computer security, audit, control and data integrity in all sectors - industry, commerce and academia. Recognized worldwide as THE primary source of reference for applied research and technical expertise it is your first step to fully secure systems.