Industrial network-based behavioral anomaly detection in AI-enabled smart manufacturing

Industrial network-based behavioral anomaly detection in AI-enabled smart manufacturing

© The Author(s), under exclusive licence to Springer Science+Business Media, LLC, part of Springer Nature 2022.

Bibliographische Detailangaben
Veröffentlicht in:The Journal of supercomputing. - 1998. - 78(2022), 11 vom: 23., Seite 13554-13563
1. Verfasser: Kim, HyunJin (VerfasserIn)
Weitere Verfasser: Shon, Taeshik
Format: Online-Aufsatz
Sprache:English
Veröffentlicht: 2022
Zugriff auf das übergeordnete Werk:The Journal of supercomputing
Schlagworte:Journal Article Anomaly detection Network security Smart manufacturing system
LEADER 01000caa a22002652c 4500
001 NLM338708782
003 DE-627
005 20250303045937.0
007 cr uuu---uuuuu
008 231226s2022 xx |||||o 00| ||eng c
024 7 |a 10.1007/s11227-022-04408-4  |2 doi 
028 5 2 |a pubmed25n1128.xml 
035 |a (DE-627)NLM338708782 
035 |a (NLM)35340686 
040 |a DE-627  |b ger  |c DE-627  |e rakwb 
041 |a eng 
100 1 |a Kim, HyunJin  |e verfasserin  |4 aut 
245 1 0 |a Industrial network-based behavioral anomaly detection in AI-enabled smart manufacturing 
264 1 |c 2022 
336 |a Text  |b txt  |2 rdacontent 
337 |a ƒaComputermedien  |b c  |2 rdamedia 
338 |a ƒa Online-Ressource  |b cr  |2 rdacarrier 
500 |a Date Revised 07.07.2022 
500 |a published: Print-Electronic 
500 |a Citation Status PubMed-not-MEDLINE 
520 |a © The Author(s), under exclusive licence to Springer Science+Business Media, LLC, part of Springer Nature 2022. 
520 |a Existing manufacturing systems are isolated from the outside world to protect their sites and systems. However, following the trend of the 4th Industrial Revolution, manufacturing systems have also increased the connectivity of various domains and the convergence of numerous technologies. These systems are referred to as smart manufacturing systems. However, this trend has increased the challenge of network anomaly detection methods, which are a major approach to network security in smart manufacturing. Existing methods define normality under the premise that network components are static, and network operation is periodic compared to the information technology environment. Therefore, comprehensive and volatile network environments require significant time, cost, and labor to define normality. Consequently, artificial intelligence (AI)-based anomaly detection studies have been actively conducted to solve this problem. However, such studies require manual analysis based on expert knowledge of each site during the preprocessing stage to extract the learning features from the collected network data. To solve the above problems, this study proposes a protocol reverse engineering method corresponding to the preprocessing stage of exiting AI studies. Through this method, existing AI-based anomaly detection studies can directly use the collected network data to learn normality without expert knowledge of the site. Furthermore, non-polling or reporting network operating environments that are rarely studied in the manufacturing security domain are targeted. Finally, we propose an anomaly detection method that uses an external signature, time information, the pattern of time intervals, and classified messages. Thus, the proposed method can detect anomalies in the encrypted contents of the manufacturing protocols 
650 4 |a Journal Article 
650 4 |a Anomaly detection 
650 4 |a Network security 
650 4 |a Smart manufacturing system 
700 1 |a Shon, Taeshik  |e verfasserin  |4 aut 
773 0 8 |i Enthalten in  |t The Journal of supercomputing  |d 1998  |g 78(2022), 11 vom: 23., Seite 13554-13563  |w (DE-627)NLM098252410  |x 0920-8542  |7 nnas 
773 1 8 |g volume:78  |g year:2022  |g number:11  |g day:23  |g pages:13554-13563 
856 4 0 |u http://dx.doi.org/10.1007/s11227-022-04408-4  |3 Volltext 
912 |a GBV_USEFLAG_A 
912 |a SYSFLAG_A 
912 |a GBV_NLM 
912 |a GBV_ILN_350 
951 |a AR 
952 |d 78  |j 2022  |e 11  |b 23  |h 13554-13563