Feature Selection and Classification Models of Intrusion Detection Systems -A Review on Industrial Critical Infrastructure Perspective

Abstract

It is self-evident that recently, humanity has entered the fourth industrial revolution. With the advent of the Internet of Things, cloud computing, and Artificial Intelligence, industrial critical infrastructures such as power plants, oil and gas plants, heavy industries, nuclear plants, and water treatment facilities are experiencing disruptive growth. This era of industrialization, nevertheless, has carried with it its new myriad of issues, notably regarding cyber security threats. Nowadays, industrial processes are openly connected to the internet, and internet-connected machines are almost always highly susceptible to security breaches by adversaries despite sufficient cyber security safeguards. Intrusion detection systems (IDS) are designed to employ classification models to detect malicious attacks such as service attacks, probing attacks, etc. In intrusion detection, the phase that reduces the number of similar traffic attributes while sustaining the accuracy of classification is a requirement that considerably improves an intrusion detection system's overall efficacy. This chapter focuses on (i) various feature selection methods in IDS, (ii) ML&DL classification models in IDS of industrial systems, (iii) Various ensemble feature selection models are analyzed, and a novel ensemble feature selection model for IDS is proposed.