Abstract
Cyber-Physical Production Systems (CPPS) are becoming increasingly susceptible to security vulnerabilities, especially with the introduction of IoT principles in manufacturing scenarios. Since security is crucial to the development and acceptance of CPPS, flexible adaptation to the real CPPS security environment and reasonable response to real-time CPPS security events are needed. This paper presents an Intrusion Detection System (IDS) approach for CPPS, based on an extended version of the Dendritic Cell Algorithm (DCA), designated as the Incremental Dendritic Cell Algorithm (iDCA). To meet the industrial requirements for intrusion detection and response, the proposed solution enables online incremental detection in an unsupervised manner. Results show that the approach is a viable solution for detecting anomalies in (near) real-time, especially in environments with little a priori system knowledge for intrusion detection.
Acknowledgment
This work was financially supported by: INDTECH 4.0 (SP4) - POCI-01-0247-FEDER-026653, co-funded by European Regional Development Fund (FEDER), through Competitiveness and Internationalization Operational Program (POCI) and Base Funding - UIDB/00147/2020 of the Systems and Technologies Center – SYSTEC - funded by national funds through the FCT/MCTES.
Copyright information
© 2021 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Pinto, R., Gonçalves, G., Delsing, J., Tovar, E. (2021). Incremental Dendritic Cell Algorithm for Intrusion Detection in Cyber-Physical Production Systems. In: Arai, K. (eds) Intelligent Computing. Lecture Notes in Networks and Systems, vol 285. Springer, Cham. https://doi.org/10.1007/978-3-030-80129-8_47
DOI: https://doi.org/10.1007/978-3-030-80129-8_47
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-80128-1
Online ISBN: 978-3-030-80129-8
eBook Packages: Intelligent Technologies and Robotics (R0)