Sartori, F., Savi, M., Tarrini, G., Talpini, J. (2025). Towards a Knowledge Diversity Notion to Identify Intrusions in Industrial Contexts. In 2024 32nd International Conference on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE) (pp.92-97). IEEE Computer Society [10.1109/wetice64632.2024.00025].
Towards a Knowledge Diversity Notion to Identify Intrusions in Industrial Contexts
Sartori, Fabio (first author); Savi, Marco (second author); Tarrini, Gaia (penultimate author); Talpini, Jacopo (last author)
2025
Abstract
Knowledge diversity is becoming an important research topic in many fields, and assessing it can be useful for many purposes in many domains. In this paper, we present a first attempt to model knowledge diversity in the intrusion detection field. IT attacks can be modelled through different techniques; in this way they can be evaluated for their risk and then it is also possible to implement some mitigation tools. The approach followed in our work aims at combining the formalism of Petri nets and Machine Learning techniques in order to detect intrusions and suspicious behaviours. Thanks to Petri nets, it is possible to highlight the critical points where a further analysis is needed. Basically, a normal behavior can be represented by a Petri Net capable of running correctly from the starting place to the ending one; an anomalous one by a Petri Net where some critical transitions are activated that are not considered in the normal one, or, if considered, that can be further investigated thanks to the adoption of complementary methods, like Machine Learning. In this paper tree-based classifiers have been applied to classify the instances of the data set and distinguish them between normal behaviour and attacks. A case study from Mississippi State University has been adopted to validate our research.