Abstract

Due to the increasing number of threats against Cyber-Physical System (CPS) networks, security monitoring in these networks is challenging. Machine learning methods have been widely used to analyse network data and detect intrusions automatically. However, these automated intrusion detection systems (IDSs) are black boxes that offer no explanation for their decisions. Explainable machine learning techniques can therefore be used to explain the reasons behind the decisions made by machine learning-based IDSs, yet explainable IDSs in CPS networks have not been sufficiently studied. The other challenge in CPS networks is the growing volume of data. NetFlow-based analysis is a scalable method suitable for high volumes of data, but its efficiency in CPS networks has not been sufficiently investigated. In this chapter, we address these challenges by proposing an explainable NetFlow-based IDS (X-NFIDS) for CPS networks. The Internet of Things (IoT) environment is used as an example of CPS networks. To demonstrate the feasibility of our approach, we perform some preliminary studies of the proposed method using two NetFlow datasets for IoT.
