Why Anomaly-Based Intrusion Detection Systems Have Not Yet Conquered the Industrial Market?

S. Seng; J. Garcia-Alfaro; Y. Laarouchi

doi:10.1007/978-3-031-08147-7_23

Why Anomaly-Based Intrusion Detection Systems Have Not Yet Conquered the Industrial Market?

S. Seng
, J. Garcia-Alfaro
, Y. Laarouchi

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

In this position paper, we tackle the following question: why anomaly-based intrusion detection systems (IDS), despite providing excellent results and holding higher (potential) capabilities to detect unknown (zero-day) attacks, are still marginal in the industry, when compared to, e.g., signature-based IDS? We will try to answer this question by looking at the methods and criteria for comparing IDS as well as a specific problem with anomaly-based IDS. We will propose 3 new criteria for comparing IDS. Finally, we focus our discussion under the specific domain of IDS for critical Industrial control systems (ICS).

Original language	English
Title of host publication	Foundations and Practice of Security - 14th International Symposium, FPS 2021, Revised Selected Papers
Editors	Esma Aïmeur, Maryline Laurent, Reda Yaich, Benoît Dupont, Joaquin Garcia-Alfaro
Publisher	Springer Science and Business Media Deutschland GmbH
Pages	341-354
Number of pages	14
ISBN (Print)	9783031081460
DOIs	https://doi.org/10.1007/978-3-031-08147-7_23
Publication status	Published - 1 Jan 2022
Event	14th International Symposium on Foundations and Practice of Security, FPS 2021 - Paris, France Duration: 7 Dec 2021 → 10 Dec 2021

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	13291 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	14th International Symposium on Foundations and Practice of Security, FPS 2021
Country/Territory	France
City	Paris
Period	7/12/21 → 10/12/21

Keywords

Anomaly detection
Critical infrastructures
Explainable artificial intelligence
Industrial control system
Intrusion detection system

Access to Document

10.1007/978-3-031-08147-7_23

Cite this

Seng, S., Garcia-Alfaro, J., & Laarouchi, Y. (2022). Why Anomaly-Based Intrusion Detection Systems Have Not Yet Conquered the Industrial Market? In E. Aïmeur, M. Laurent, R. Yaich, B. Dupont, & J. Garcia-Alfaro (Eds.), Foundations and Practice of Security - 14th International Symposium, FPS 2021, Revised Selected Papers (pp. 341-354). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 13291 LNCS). Springer Science and Business Media Deutschland GmbH. https://doi.org/10.1007/978-3-031-08147-7_23

Seng, S. ; Garcia-Alfaro, J. ; Laarouchi, Y. / Why Anomaly-Based Intrusion Detection Systems Have Not Yet Conquered the Industrial Market?. Foundations and Practice of Security - 14th International Symposium, FPS 2021, Revised Selected Papers. editor / Esma Aïmeur ; Maryline Laurent ; Reda Yaich ; Benoît Dupont ; Joaquin Garcia-Alfaro. Springer Science and Business Media Deutschland GmbH, 2022. pp. 341-354 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{0814955d8ef94c59a1042802f365eaf2,

title = "Why Anomaly-Based Intrusion Detection Systems Have Not Yet Conquered the Industrial Market?",

abstract = "In this position paper, we tackle the following question: why anomaly-based intrusion detection systems (IDS), despite providing excellent results and holding higher (potential) capabilities to detect unknown (zero-day) attacks, are still marginal in the industry, when compared to, e.g., signature-based IDS? We will try to answer this question by looking at the methods and criteria for comparing IDS as well as a specific problem with anomaly-based IDS. We will propose 3 new criteria for comparing IDS. Finally, we focus our discussion under the specific domain of IDS for critical Industrial control systems (ICS).",

keywords = "Anomaly detection, Critical infrastructures, Explainable artificial intelligence, Industrial control system, Intrusion detection system",

author = "S. Seng and J. Garcia-Alfaro and Y. Laarouchi",

note = "Publisher Copyright: {\textcopyright} 2022, Springer Nature Switzerland AG.; 14th International Symposium on Foundations and Practice of Security, FPS 2021 ; Conference date: 07-12-2021 Through 10-12-2021",

year = "2022",

month = jan,

day = "1",

doi = "10.1007/978-3-031-08147-7\_23",

language = "English",

isbn = "9783031081460",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer Science and Business Media Deutschland GmbH",

pages = "341--354",

editor = "Esma A{\"i}meur and Maryline Laurent and Reda Yaich and Beno{\^i}t Dupont and Joaquin Garcia-Alfaro",

booktitle = "Foundations and Practice of Security - 14th International Symposium, FPS 2021, Revised Selected Papers",

}

Seng, S, Garcia-Alfaro, J & Laarouchi, Y 2022, Why Anomaly-Based Intrusion Detection Systems Have Not Yet Conquered the Industrial Market? in E Aïmeur, M Laurent, R Yaich, B Dupont & J Garcia-Alfaro (eds), Foundations and Practice of Security - 14th International Symposium, FPS 2021, Revised Selected Papers. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 13291 LNCS, Springer Science and Business Media Deutschland GmbH, pp. 341-354, 14th International Symposium on Foundations and Practice of Security, FPS 2021, Paris, France, 7/12/21. https://doi.org/10.1007/978-3-031-08147-7_23

Why Anomaly-Based Intrusion Detection Systems Have Not Yet Conquered the Industrial Market? / Seng, S.; Garcia-Alfaro, J.; Laarouchi, Y.
Foundations and Practice of Security - 14th International Symposium, FPS 2021, Revised Selected Papers. ed. / Esma Aïmeur; Maryline Laurent; Reda Yaich; Benoît Dupont; Joaquin Garcia-Alfaro. Springer Science and Business Media Deutschland GmbH, 2022. p. 341-354 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 13291 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review