DC Field | Value | Language |
---|---|---|
dc.contributor.author | Jang, Young In | - |
dc.contributor.author | Choi, Seungoh | - |
dc.contributor.author | Min, Byung Gil | - |
dc.contributor.author | Choi, Young June (researcherId=7406117220; isni=0000000405323933; orcid=https://orcid.org/0000-0003-2014-6587) | - |
dc.date.issued | 2024-10-01 | - |
dc.identifier.issn | 2079-9292 | - |
dc.identifier.uri | https://dspace.ajou.ac.kr/dev/handle/2018.oak/34553 | - |
dc.description.abstract | As cyberattacks targeting industrial control systems continue to evolve, the development of sophisticated technologies to detect these security threats becomes increasingly essential. In addition, it is necessary to update adversarial information constantly. However, this process is complicated by the deployment of heterogeneous equipment, which increases the number of indicators and characteristics that must be analyzed by security administrators. Furthermore, security operation centers often struggle to respond promptly to adversaries because of the high number of false alerts caused by unreliable system labels. These challenges make it difficult to construct reliable detection systems. To address these issues, we propose a robust unsupervised threat-identification method. Our approach involves applying a preprocessing technique tailored to the various data types pertinent to alerts, followed by classifying unlabeled alerts using an autoencoder (AE) model. Despite the presence of numerous false positives, we verified that the proposed model could effectively distinguish between different attack types and identify their relationships with only one round of training in homogeneous and heterogeneous environments within industrial control systems. Moreover, our model can filter and display data classified as actual attacks and generate relational tables. | - |
dc.description.sponsorship | This work is the result of a commissioned research project supported by the affiliated institute of ETRI [2020-046]. | - |
dc.language.iso | eng | - |
dc.publisher | Multidisciplinary Digital Publishing Institute (MDPI) | - |
dc.title | Unsupervised Security Threats Identification for Heterogeneous Events | - |
dc.type | Article | - |
dc.citation.title | Electronics (Switzerland) | - |
dc.citation.volume | 13 | - |
dc.identifier.bibliographicCitation | Electronics (Switzerland), Vol.13 | - |
dc.identifier.doi | 10.3390/electronics13204061 | - |
dc.identifier.scopusid | 2-s2.0-85207676297 | - |
dc.identifier.url | www.mdpi.com/journal/electronics | - |
dc.subject.keyword | anomaly detection | - |
dc.subject.keyword | autoencoder | - |
dc.subject.keyword | heterogeneous environment | - |
dc.subject.keyword | unsupervised learning | - |
dc.description.isoa | true | - |
dc.subject.subarea | Control and Systems Engineering | - |
dc.subject.subarea | Signal Processing | - |
dc.subject.subarea | Hardware and Architecture | - |
dc.subject.subarea | Computer Networks and Communications | - |
dc.subject.subarea | Electrical and Electronic Engineering | - |