Towards a Privacy-preserving Deep Learning-based Network Intrusion Detection in Data Distribution Services

06/12/2021
by   Stanislav Abaimov, et al.
0

Data Distribution Service (DDS) is an innovative approach towards communication in ICS/IoT infrastructure and robotics. Being based on the cross-platform and cross-language API to be applicable in any computerised device, it offers the benefits of modern programming languages and the opportunities to develop more complex and advanced systems. However, the DDS complexity equally increases its vulnerability, while the existing security measures are limited to plug-ins and static rules, with the rest of the security provided by third-party applications and operating system. Specifically, traditional intrusion detection systems (IDS) do not detect any anomalies in the publish/subscribe method. With the exponentially growing global communication exchange, securing DDS is of the utmost importance to futureproofing industrial, public, and even personal devices and systems. This report presents an experimental work on the simulation of several specific attacks against DDS, and the application of Deep Learning for their detection. The findings show that even though Deep Learning allows to detect all simulated attacks using only metadata analysis, their detection level varies, with some of the advanced attacks being harder to detect. The limitations imposed by the attempts to preserve privacy significantly decrease the detection rate. The report also reviews the drawbacks and limitations of the Deep Learning approach and proposes a set of selected solutions and configurations, that can further improve the DDS security.

READ FULL TEXT

page 9

page 14

research
12/31/2019

Deep Learning-Based Intrusion Detection System for Advanced Metering Infrastructure

Smart grid is an alternative solution of the conventional power grid whi...
research
07/06/2021

A Low-Cost Machine Learning Based Network Intrusion Detection System with Data Privacy Preservation

Network intrusion is a well-studied area of cyber security. Current mach...
research
11/05/2021

IPAL: Breaking up Silos of Protocol-dependent and Domain-specific Industrial Intrusion Detection Systems

The increasing interconnection of industrial networks with the Internet ...
research
09/23/2021

An Anomaly-based Multi-class Classifier for Network Intrusion Detection

Network intrusion detection systems (NIDS) are one of several solutions ...
research
09/20/2021

A Novel Online Incremental Learning Intrusion Prevention System

Attack vectors are continuously evolving in order to evade Intrusion Det...
research
03/28/2021

A Survey on Ethical Hacking: Issues and Challenges

Security attacks are growing in an exponential manner and their impact o...

Please sign up or login with your details

Forgot password? Click here to reset