Abstract
With digitization, critical infrastructures face a higher risk of security incidents and attacks on cyber-physical systems (CPS). In the past 50 years, research and practice have developed various approaches to monitor and detect attacks such as with anomaly detection. While many approaches focuses on artificial neural networks, bio-inspired approaches utilize nature as reference. For example, artificial immune systems (AIS) refer to principles of the natural immune system. In this paper, we investigate the Negative Selection Algorithm (NSA), an algorithm from the domain of AIS for anomaly detection in CPS. Particularly in CPS, datasets can become quite complex and can require a number of detectors for the analysis. Therefore, we will investigate how AIS can be extended to handle and manage complex datasets of CPS. We propose two models that use Principal Component Analysis (PCA) and Autoencoder (AE) to enable dimensionality reduction. Using these models, we are able to show that it is possible to apply the NSA approach to such datasets. Our results indicate that the use of PCA and AE is beneficial for both a better representation of the data and therefore significantly relevant for an improvement of the detection rate, and provides in addition the possibility to add further features to support the identification of anomalies. As the NSA approach allows for distributed computation, it might be possible to allow faster or distributed detection; the extent to which this is possible remains to be investigated and therefore represents future work.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
https://archive.ics.uci.edu/ml/datasets.php (last access: 27/07/21).
- 2.
International Atomic Energy Agency.
- 3.
Available at: https://archive.ics.uci.edu/ml/datasets/Iris [9].
References
Busquim E Silva, R.A., Shirvan, K., Piqueira, J.R.C., Marques, R.P.: Development of the Asherah nuclear power plant simulator for cyber security assessment. In: International Conference on Nuclear Security (ICONS), Vienna, Austria, February 2020
Chen, W., Liu, X.J., Li, T., Shi, Y.Q., Zheng, X.F., Zhao, H.: A negative selection algorithm based on hierarchical clustering of self set and its application in anomaly detection. Int. J. Comput. Intell. Syst. 4(4), 410–419 (2011)
Chollet, F., et al.: Keras (2015). https://keras.io
Cross, S.S., Harrison, R.F., Kennedy, R.L.: Introduction to neural networks. The Lancet 346(8982), 1075–1079 (1995)
Dasgupta, D., Attoh-Okine, N.A.: Immunity-based systems: a survey. In: 1997 IEEE International Conference on Systems, Man, and Cybernetics. Computational Cybernetics and Simulation, vol. 1, pp. 369–374 (1997). https://doi.org/10.1109/ICSMC.1997.625778
Dasgupta, D., Forrest, S.: An anomaly entection algorithm inspired by the immune syste. In: Dasgupta, D. (ed.) Artificial Immune Systems and Their Applications, pp. 262–277. Springer, Heidelberg (1999). https://doi.org/10.1007/978-3-642-59901-9_14
Fan, Z., Wen, C., Tao, L., Xiaochun, C., Haipeng, P.: An antigen space triangulation coverage based real-value negative selection algorithm. IEEE Access 7, 51886–51898 (2019)
Fang, X., Li, L.: An improved artificial immune approach to network intrusion detection. In: 2010 2nd International Conference on Advanced Computer Control, vol. 2, pp. 39–44. IEEE (2010)
Fisher, R.A.: The use of multiple measurements in taxonomic problems. Ann. Eugenics 7(2), 179–188 (1936)
Forrest, S., Perelson, A.S., Allen, L., Cherukuri, R.: Self-nonself discrimination in a computer. In: Proceedings of 1994 IEEE Computer Society Symposium on Research in Security and Privacy, pp. 202–212. IEEE (1994)
Goldberg, D.E.: The genetic algorithm approach: why, how, and what next? In: Narendra, K.S. (ed.) Adaptive and Learning Systems, pp. 247–253. Springer, Boston (1986). https://doi.org/10.1007/978-1-4757-1895-9_17
González, F., Dasgupta, D.: A study of artificial immune systems applied to anomaly detection. Ph.D. thesis, University of Memphis Memphis (2003)
Greensmith, J., Whitbrook, A., Aickelin, U.: Artificial immune systems. In: Gendreau, M., Potvin, J.Y. (eds.) Handbook of Metaheuristics. ISOR, vol. 146, pp. 421–448. Springer, Boston (2010). https://doi.org/10.1007/978-1-4419-1665-5_14
Guo, J., Liu, G., Zuo, Y., Wu, J.: An anomaly detection framework based on autoencoder and nearest neighbor. In: 2018 15th International Conference on Service Systems and Service Management (ICSSSM), pp. 1–6. IEEE (2018)
Hofmeyr, S.A.: An interpretative introduction to the immune system. In: Design Principles for the Immune System and Other Distributed Autonomous Systems, vol. 3, pp. 28–36 (2000)
Ji, Z., Dasgupta, D.: Real-valued negative selection algorithm with variable-sized detectors. In: Deb, K. (ed.) GECCO 2004. LNCS, vol. 3102, pp. 287–298. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-24854-5_30
Ji, Z., Dasgupta, D.: Revisiting negative selection algorithms. Evol. Comput. 15(2), 223–251 (2007)
Jinquan, Z., Xiaojie, L., Tao, L., Caiming, L., Lingxi, P., Feixian, S.: A self-adaptive negative selection algorithm used for anomaly detection. Prog. Nat. Sci. 19(2), 261–266 (2009)
Kim, J., Bentley, P.J., Aickelin, U., Greensmith, J., Tedesco, G., Twycross, J.: Immune system approaches to intrusion detection-a review. Nat. Comput. 6(4), 413–466 (2007). https://doi.org/10.1007/s11047-006-9026-4
Klambauer, G., Unterthiner, T., Mayr, A., Hochreiter, S.: Self-normalizing neural networks (2017)
Kluyver, T., et al.: Jupyter Notebooks? a publishing format for reproducible computational workflows. In: Loizides, F., Scmidt, B. (eds.) Positioning and Power in Academic Publishing: Players, Agents and Agendas, pp. 87–90. IOS Press (2016). https://eprints.soton.ac.uk/403913/
Li, D., Liu, S., Zhang, H.: Negative selection algorithm with constant detectors for anomaly detection. Appl. Soft Comput. 36, 618–632 (2015)
Nemati, L., Shakeri, M.: Negative selection based data classification with flexible boundaries. J. Comput. Robot. 11(2), 69–85 (2018)
Ng, A., et al.: UFLDL tutorial (2013). http://ufldl.stanford.edu/tutorial. Accessed 12 Apr 2021
Nuclear Energy Institute (NEI): Digital: The new word in nuclear power plant control rooms (2016). https://electricenergyonline.com/article/energy/category/generation/52/583260/digital-the-new-word-in-nuclear-power-plant-control-rooms.html. Accessed 21 Mar 2021
Pedregosa, F., et al.: Scikit-learn: machine learning in Python. J. Mach. Learn. Res. 12(85), 2825–2830 (2011). http://jmlr.org/papers/v12/pedregosa11a.html
Rowland, M.T., Busquim e Silva, R.A.: Enhancing computer security incident analysis at nuclear facilities (2015). https://www.iaea.org/projects/crp/j02008. Accessed 23 Mar 2021
Seidel, R.: The upper bound theorem for polytopes: an easy proof of its asymptotic version. Comput. Geom. 5(2), 115–116 (1995). https://doi.org/10.1016/0925-7721(95)00013-Y
Shlens, J.: A tutorial on principal component analysis. Computing Research Repository (CoRR) abs/1404.1100 (2014). http://arxiv.org/abs/1404.1100
Slowik, J.: Evolution of ICS attacks and the prospects for future disruptive events, February 2019. https://www.dragos.com/resource/evolution-of-ics-attacks-and-the-prospects-for-future-disruptive-events/. Accessed 22 Mar 2021
Stibor, T.: On the appropriateness of negative selection for anomaly detection and network intrusion detection. Ph.D. thesis, Technische Universität Darmstadt (2006)
Stibor, T., Bayarou, K.M., Eckert, C.: An investigation of R-chunk detector generation on higher alphabets. In: Deb, K. (ed.) GECCO 2004. LNCS, vol. 3102, pp. 299–307. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-24854-5_31
U.S. Nuclear Regulatory Commission: 1979 annual report (1979). https://tmi2kml.inl.gov/Documents/4e-NRC-Annual/1979%20NRC%20Annual%20Report%20(NUREG-0690).pdf. Accessed 23 Mar 2021
Virtanen, P., et al.: SciPy 1.0: fundamental algorithms for scientific computing in Python. Nat. Methods 17, 261–272 (2020). https://doi.org/10.1038/s41592-019-0686-2
Yang, C., Jia, L., Chen, B.Q., Wen, H.Y.: Negative selection algorithm based on antigen density clustering. IEEE Access 8, 44967–44975 (2020)
Zhang, R., Li, T., Xiao, X.: A real-valued negative selection algorithm based on grid for anomaly detection. In: Abstract and Applied Analysis, vol. 2013. Hindawi (2013)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2022 Springer Nature Switzerland AG
About this paper
Cite this paper
Reuter, L., Leitner, M., Smith, P., Koschuch, M. (2022). Dealing with Complexity for Immune-Inspired Anomaly Detection in Cyber Physical Systems. In: Krishnan, R., Rao, H.R., Sahay, S.K., Samtani, S., Zhao, Z. (eds) Secure Knowledge Management In The Artificial Intelligence Era. SKM 2021. Communications in Computer and Information Science, vol 1549. Springer, Cham. https://doi.org/10.1007/978-3-030-97532-6_9
Download citation
DOI: https://doi.org/10.1007/978-3-030-97532-6_9
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-97531-9
Online ISBN: 978-3-030-97532-6
eBook Packages: Computer ScienceComputer Science (R0)