Abstract
Due to the increasing number of threats against Cyber Physical System (CPS) networks, security monitoring in these networks is challenging. Machine learning methods have been widely used to analyse network data and detect intrusions automatically. However, these automated intrusion detection systems (IDSs) are black boxes, and there is no explanation for their decision. Therefore, explainable machine learning techniques can be used to explain the reasons behind the decision made by machine learning-based IDSs. However, there is no sufficient study on explainable IDSs in CPS networks. The other challenge in CPS networks is the growing volume of data. A NetFlow-based analysis is a scalable method suitable for a high volume of data. However, the efficiency of such a method in CPS networks has not been sufficiently investigated. In this chapter, we address these challenges by proposing an explainable NetFlow-based IDS (X-NFIDS) for CPS networks. The Internet of Things (IoT) environment is used as an example of CPS networks. To demonstrate the feasibility of our approach, we perform some preliminary studies of the proposed method using two NetFlow datasets for IoT.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.