HYRIDE: HYbrid and Robust Intrusion DEtection approach for enhancing cybersecurity in Industry 4.0
Why this work is in the frame
A frame that forgets how it found something cannot be audited. These are the routes that admitted this work.
Bibliographic record
Abstract
The interconnectedness and smartness aspect between several components of Industry 4.0 has caused sudden increase in data and its exchange, which has resulted in significant cybersecurity challenges. Thus, a better threat intelligence technique is required for monitoring and identifying malicious cyberattacks. However, distinguishing between a normal event and a cyberattack can be difficult because label information is mostly unavailable. Therefore, it is imperative to develop a threat intelligence system that operates more effectively without supervision, i.e., without a label. Additionally, reducing the false positive rate in cyber threat detection is a more promising step for a safer and more reliable environment. Also, the enormous number of features in the data for intrusion detection tasks sometimes results in significant computing costs. Therefore, a novel hybrid feature selection based unsupervised intrusion detection system is proposed, which is termed as HYbrid and Robust Intrusion DEtection (HYRIDE), that uses a wide variety of feature selection techniques to obtain the fewest, best possible features. The local outlier factor, elliptic envelope, and histogram-based outlier score models are then trained using these features to identify threats in network traffic automatically. As a result, HYRIDE can effectively and efficiently distinguish between normal events and intrusions. The proposed methodology is empirically evaluated using popular datasets such as Telemetry datasets of Internet of Things (IoT) services, Operating systems datasets of Windows and Linux, as well as datasets of Network traffic (TON_IoT), University of New South Wales-Network Benchmark (UNSW-NB15), and Canadian Institute of Cybersecurity Intrusion Detection System (CICIDS 2017).
Fetched live from OpenAlex and de-inverted. Abstracts are not stored in this database: the inverted indexes are 8.6 GB of the frame’s 9.3 GB of text, and the host has 13 GB free.
Full frame distilled prediction
Teacher imitationNot calibrated prevalence, not ground truth. Human validation pending. Learned from the 10,348 direct Codex labels and 10,348 direct Gemma labels. Candidate is the union of thresholded teacher heads; consensus is their intersection. These outputs are machine_predicted_unvalidated and are not human labels or direct frontier model labels.
Codex and Gemma teacher scores by category
| Category | Codex | Gemma |
|---|---|---|
| Metaresearch | 0.001 | 0.000 |
| Meta-epidemiology (narrow) | 0.000 | 0.000 |
| Meta-epidemiology (broad) | 0.000 | 0.000 |
| Bibliometrics | 0.000 | 0.000 |
| Science and technology studies | 0.000 | 0.000 |
| Scholarly communication | 0.000 | 0.001 |
| Open science | 0.000 | 0.000 |
| Research integrity | 0.000 | 0.000 |
| Insufficient payload (model declined to judge) | 0.000 | 0.000 |
Machine scores (provisional)
The two teacher heads of the student model, read on this work. A score orders the frame for review; it never asserts a category, and the validation status ships verbatim with every row.
Baseline scores from an immature model (maturity gate not passed, 7 training rounds). Scores rank; they never assert a category.
score_only:v0-immature-baseline · verbatim from the scoring run: score_only means the number may rank works, and no category label ships from it