Evaluation of Machine Learning Algorithms for Anomaly Detection

The cyber-physical security of Industrial Control Systems (ICSs) represents an actual and worthwhile research topic. In this paper, we compare and evaluate different Machine Learning (ML) algorithms for anomaly detection in industrial control networks. We analyze supervised and unsupervised ML-based anomaly detection approaches using datasets extracted from the Secure Water Treatment (SWaT), a testbed developed to emulate a scaled-down real industrial plant. Our experiments show strengths and limitations of the two ML-based anomaly detection approaches for industrial networks.</div

Insider Threat Risk Prediction based on Bayesian Network

Insider threat protection has received increasing attention in the last ten years due to the serious con-sequences of malicious insider threats. Moreover, data leaks and the sale of mass data have become much simpler to achieve, e.g., the dark web can allow malicious insiders to divulge confidential data whilst hiding their identities. In this paper, we propose a novel approach to predict the risk of malicious insider threats prior to a breach taking place. Firstly, we propose a new framework for insider threat risk prediction, drawing on technical, organisational and human factor perspectives. Secondly, we employ a Bayesian network to model and implement the proposed framework. Furthermore, this Bayesian network-based prediction model is evaluated in a range of challenging environments. The risk level predictions for each authorised users within the organisation are examined so that any in-sider threat risk can be identified. The proposed insider threat prediction model achieved better results when compared to the empirical judgements of security experts.</p

Privacy-aware secure anonymous communication protocol in CPSS

Cloud computing has emerged as a promising paradigm for the Internet of Things (IoT) and Cyber-Physical-Social Systems (CPSS). However, the problem of how to ensure the security of data transmission and data storage in CPSS is a key issue to address. We need to protect the confidentiality and privacy of users’ data and users’ identity during the transmission and storage process in CPSS. In order to avoid users’ personal information leakage from IoT devices during the process of data processing and transmitting, we propose a certificateless encryption scheme, and conduct a security analysis under the assumption of Computational Diffie-Hellman(CDH) Problem. Furthermore, based on the proposed cryptography mechanism, we achieve a novel anonymous communication protocol to protect the identity privacy of communicating units in CPSS. In the new protocol, an anonymous communication link establishment method and an anonymous communication packet encapsulation format are proposed. The Diffie-Hellman key exchange algorithm is used to construct the anonymous keys distribution method in the new link establishment method. And in the new onion routing packet encapsulation format, the session data are firstly separated from the authentication data to decrease the number of cryptography operations. That is, by using the new onion routing packet we greatly reduces the encryption operations and promotes the forwarding efficiency of anonymous messages, implementing the privacy, security and efficiency in anonymous communication in cyber-physical-social systems