Anomaly Detection in Industrial Networks: Current State, Classification, and Key Challenges

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216305%3A26220%2F24%3APU154906" target="_blank" >RIV/00216305:26220/24:PU154906 - isvavai.cz</a>

Výsledek na webu

<a href="https://ieeexplore.ieee.org/document/10797650" target="_blank" >https://ieeexplore.ieee.org/document/10797650</a>

DOI - Digital Object Identifier

<a href="http://dx.doi.org/10.1109/JSEN.2024.3512857" target="_blank" >10.1109/JSEN.2024.3512857</a>

Jazyk výsledku

angličtina

Název v původním jazyce

Anomaly Detection in Industrial Networks: Current State, Classification, and Key Challenges

Popis výsledku v původním jazyce

Industrial networks, due to communication convergence, face a growing exposure to cyber threats, necessitating the need to address a wider range of threats, alongside their detectability and classification. As critical components designed with a strong emphasis on availability, industrial networks require precise classification of anomalies, encompassing not just cyber anomalies but also operational and service disruptions. This paper provides an analysis of these anomalies, categorizing them into three groups based on their impact. The key contribution of this study lies in the strategic distribution of data sources across the Operational Technology (OT) network, facilitating the collection of relevant data for application in Machine Learning (ML) or Neural Network (NN) models. A comprehensive review of current anomaly processing techniques in industrial networks is presented, identifying significant research challenges to advance artificial intelligence methods for anomaly classification in OT environments. Additionally, this work examines common statistical methods for anomaly detection and offers a comparative analysis of prevalent ML and NN techniques.

Název v anglickém jazyce

Anomaly Detection in Industrial Networks: Current State, Classification, and Key Challenges

Popis výsledku anglicky

Industrial networks, due to communication convergence, face a growing exposure to cyber threats, necessitating the need to address a wider range of threats, alongside their detectability and classification. As critical components designed with a strong emphasis on availability, industrial networks require precise classification of anomalies, encompassing not just cyber anomalies but also operational and service disruptions. This paper provides an analysis of these anomalies, categorizing them into three groups based on their impact. The key contribution of this study lies in the strategic distribution of data sources across the Operational Technology (OT) network, facilitating the collection of relevant data for application in Machine Learning (ML) or Neural Network (NN) models. A comprehensive review of current anomaly processing techniques in industrial networks is presented, identifying significant research challenges to advance artificial intelligence methods for anomaly classification in OT environments. Additionally, this work examines common statistical methods for anomaly detection and offers a comparative analysis of prevalent ML and NN techniques.

Druh

J_imp - Článek v periodiku v databázi Web of Science

CEP obor

—

OECD FORD obor

20203 - Telecommunications

Projekt

Výsledek vznikl pri realizaci vícero projektů. Více informací v záložce Projekty.

Návaznosti

P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)

Rok uplatnění

2024

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název periodika

IEEE SENSORS JOURNAL

ISSN

1530-437X

e-ISSN

1558-1748

Svazek periodika

25

Číslo periodika v rámci svazku

3

Stát vydavatele periodika

US - Spojené státy americké

Počet stran výsledku

14

Strana od-do

1-14

Kód UT WoS článku

001418812500050

EID výsledku v databázi Scopus

2-s2.0-85212413140