A hypergraph based Kohonen map for detecting intrusions over cyber-physical systems traffic

摘要

Cyber-Physical System acts as a cornerstone in Industry 4.0 by integrating information-technology, electrical, and mechanical engineering under the same crown. This cybernetic-mechatronic augmentation expanded the attack vectors in critical infrastructure's network, which gained the attraction of both cyber-offenders and cybersecurity researchers. Though the recent research works focus on developing proficient cybersecurity mechanisms, they often fail to address the major challenges such as handling the unseen zero-day exploits and detecting data irregularities that result in a poor attack detection rate. Hence to address the aforementioned challenges, this research article proposes an intelligent multi-level intrusion detection system to detect data-abnormalities in process-control network packets. The proposed approach involves the following phases: (ⅰ) Bloom-filter based payload level detection, (ⅱ) partition-based Kohonen mapping for learning abnormal data patterns using a deep version of Kohonen neural network enhanced by principal component analysis and partitioning property of Hypergraph, and (ⅲ) BLOSOM - a hybrid anomaly detection model. The impact of the proposed approach has been validated with the high-dimensional and heterogeneous benchmark datasets obtained from Mississippi State University (Gas-pipeline dataset) and Singapore University of Technology and Design (Secure WAter Treatment dataset). The proposed approach outscores the existing State-of-the-art approaches in terms of Precision, Recall, F-Score & Classification Accuracy and found to be robust, scalable & computationally attractive.