Publication details
- Part of: Cyber-Physical Threat Intelligence for Critical Infrastructures Security: Securing Critical Infrastructures in Air Transport, Finance, Gas, Healthcare, and Industry (Now Publishers Inc., 2021)
- Pages: 495–514
- Year: 2021
- Link:
Anomaly detection is a family of analytical techniques that identifies and learns typical properties of a system and reports significant deviations from the typical system’s normal properties as outliers. The anomaly detection techniques can provide protection from new zero-day attacks whenever these attacks lead to deviations from typical behaviours of the system, and do not require a balanced training set in which both malicious and benign events are equally represented. These techniques are better fit for real industrial systems where malicious events are much rarer than benign events. They are important tools to detect abnormalities in the critical financial infrastructures and services. The FINSEC project has developed scalable anomaly detection for cyber-physical integrated security using physical (e.g., cameras) and cyber probes (e.g., Skydive, IDS [Intrusion Detection Systems], etc.).