{"id":"https://openalex.org/W4412742950","doi":"https://doi.org/10.1109/icps65515.2025.11087889","title":"A Hybrid Anomaly Detection Framework for OT Networks Using Leaky Bucket Algorithm and Principal Component Analysis","display_name":"A Hybrid Anomaly Detection Framework for OT Networks Using Leaky Bucket Algorithm and Principal Component Analysis","publication_year":2025,"publication_date":"2025-05-12","ids":{"openalex":"https://openalex.org/W4412742950","doi":"https://doi.org/10.1109/icps65515.2025.11087889"},"language":"en","primary_location":{"id":"doi:10.1109/icps65515.2025.11087889","is_oa":false,"landing_page_url":"https://doi.org/10.1109/icps65515.2025.11087889","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 IEEE 8th International Conference on Industrial Cyber-Physical Systems (ICPS)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5064692434","display_name":"Alfred Ocaka","orcid":"https://orcid.org/0000-0003-0823-4226"},"institutions":[{"id":"https://openalex.org/I70277191","display_name":"Institute of Technology Carlow","ror":"https://ror.org/02frwys47","country_code":"IE","type":"government","lineage":["https://openalex.org/I70277191"]}],"countries":["IE"],"is_corresponding":true,"raw_author_name":"Alfred Ocaka","raw_affiliation_strings":["South East Technological University,Dept. of Electronic Engineering and Communications,Carlow,Ireland"],"affiliations":[{"raw_affiliation_string":"South East Technological University,Dept. of Electronic Engineering and Communications,Carlow,Ireland","institution_ids":["https://openalex.org/I70277191"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5081991523","display_name":"Diarmuid \u00d3 Briain","orcid":"https://orcid.org/0000-0001-5802-0571"},"institutions":[{"id":"https://openalex.org/I70277191","display_name":"Institute of Technology Carlow","ror":"https://ror.org/02frwys47","country_code":"IE","type":"government","lineage":["https://openalex.org/I70277191"]}],"countries":["IE"],"is_corresponding":false,"raw_author_name":"Diarmuid O'Briain","raw_affiliation_strings":["South East Technological University,Dept. of Electronic Engineering and Communications,Carlow,Ireland"],"affiliations":[{"raw_affiliation_string":"South East Technological University,Dept. of Electronic Engineering and Communications,Carlow,Ireland","institution_ids":["https://openalex.org/I70277191"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5040718743","display_name":"Keara Barrett","orcid":"https://orcid.org/0009-0009-8349-9794"},"institutions":[{"id":"https://openalex.org/I70277191","display_name":"Institute of Technology Carlow","ror":"https://ror.org/02frwys47","country_code":"IE","type":"government","lineage":["https://openalex.org/I70277191"]}],"countries":["IE"],"is_corresponding":false,"raw_author_name":"Keara Barrett","raw_affiliation_strings":["South East Technological University,Dept of Computing,Carlow,Ireland"],"affiliations":[{"raw_affiliation_string":"South East Technological University,Dept of Computing,Carlow,Ireland","institution_ids":["https://openalex.org/I70277191"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5064692434"],"corresponding_institution_ids":["https://openalex.org/I70277191"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.09635635,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"7"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9889000058174133,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9889000058174133,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9660000205039978,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9498000144958496,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/principal-component-analysis","display_name":"Principal component analysis","score":0.7395148277282715},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6668045520782471},{"id":"https://openalex.org/keywords/component","display_name":"Component (thermodynamics)","score":0.555916965007782},{"id":"https://openalex.org/keywords/anomaly-detection","display_name":"Anomaly detection","score":0.5015957355499268},{"id":"https://openalex.org/keywords/algorithm","display_name":"Algorithm","score":0.5010223388671875},{"id":"https://openalex.org/keywords/robust-principal-component-analysis","display_name":"Robust principal component analysis","score":0.4273070991039276},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.21977367997169495},{"id":"https://openalex.org/keywords/physics","display_name":"Physics","score":0.08105418086051941}],"concepts":[{"id":"https://openalex.org/C27438332","wikidata":"https://www.wikidata.org/wiki/Q2873","display_name":"Principal component analysis","level":2,"score":0.7395148277282715},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6668045520782471},{"id":"https://openalex.org/C168167062","wikidata":"https://www.wikidata.org/wiki/Q1117970","display_name":"Component (thermodynamics)","level":2,"score":0.555916965007782},{"id":"https://openalex.org/C739882","wikidata":"https://www.wikidata.org/wiki/Q3560506","display_name":"Anomaly detection","level":2,"score":0.5015957355499268},{"id":"https://openalex.org/C11413529","wikidata":"https://www.wikidata.org/wiki/Q8366","display_name":"Algorithm","level":1,"score":0.5010223388671875},{"id":"https://openalex.org/C2777749129","wikidata":"https://www.wikidata.org/wiki/Q17148469","display_name":"Robust principal component analysis","level":3,"score":0.4273070991039276},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.21977367997169495},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.08105418086051941},{"id":"https://openalex.org/C97355855","wikidata":"https://www.wikidata.org/wiki/Q11473","display_name":"Thermodynamics","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/icps65515.2025.11087889","is_oa":false,"landing_page_url":"https://doi.org/10.1109/icps65515.2025.11087889","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 IEEE 8th International Conference on Industrial Cyber-Physical Systems (ICPS)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":27,"referenced_works":["https://openalex.org/W2097003291","https://openalex.org/W2118931532","https://openalex.org/W2123583026","https://openalex.org/W2139075905","https://openalex.org/W2147795073","https://openalex.org/W2162267463","https://openalex.org/W2171604933","https://openalex.org/W2290128307","https://openalex.org/W2574169068","https://openalex.org/W2921004497","https://openalex.org/W2966810020","https://openalex.org/W3001562933","https://openalex.org/W3085854806","https://openalex.org/W3138598418","https://openalex.org/W4231106771","https://openalex.org/W4241915340","https://openalex.org/W4280502440","https://openalex.org/W4363677448","https://openalex.org/W4379529434","https://openalex.org/W4385062382","https://openalex.org/W4386881452","https://openalex.org/W4392741075","https://openalex.org/W4401072972","https://openalex.org/W4405303657","https://openalex.org/W6603716672","https://openalex.org/W6678188978","https://openalex.org/W6678745655"],"related_works":["https://openalex.org/W4283792950","https://openalex.org/W2124460284","https://openalex.org/W2563483704","https://openalex.org/W3124370832","https://openalex.org/W3003801099","https://openalex.org/W2003667605","https://openalex.org/W62130100","https://openalex.org/W1980960407","https://openalex.org/W2365825610","https://openalex.org/W659321198"],"abstract_inverted_index":{"The":[0,50,76,103],"increasing":[1],"sophistication":[2],"of":[3],"cybersecurity":[4],"threats":[5],"in":[6,85,99,115],"Operational":[7],"Technology":[8],"(OT)":[9],"environments":[10],"highlights":[11],"the":[12,59,64,108,112],"necessity":[13],"for":[14,37,71],"a":[15,31,53],"lightweight":[16],"and":[17,24,45,63,74,94,128],"efficient":[18],"anomaly":[19,34,61],"detection":[20,35],"framework":[21,36,51,110],"to":[22,69],"identify":[23],"mitigate":[25],"these":[26],"threats.":[27],"This":[28],"paper":[29],"proposes":[30],"hybrid":[32],"multivariate":[33],"OT":[38,101],"networks":[39],"using":[40,119],"Leaky":[41],"Bucket":[42],"Algorithm":[43],"(LBA)":[44],"Principal":[46],"Component":[47],"Analysis":[48],"(PCA).":[49],"employs":[52],"multi-level":[54],"approach,":[55],"where":[56],"LBA":[57],"performs":[58],"initial":[60],"detection,":[62],"identified":[65],"anomalies":[66],"are":[67],"forwarded":[68],"PCA":[70,84,114],"in-depth":[72],"analysis":[73],"validation.":[75],"proposed":[77,109],"framework's":[78],"performance":[79,120],"is":[80],"evaluated":[81],"against":[82],"standard":[83,113],"detecting":[86,116],"various":[87,117],"cyberattacks,":[88],"including":[89],"Denial-of-Service":[90],"(DoS),":[91],"Man-in-the-Middle":[92],"(MiTM)":[93],"Command":[95],"Injection":[96],"Attacks":[97],"(CIA)":[98],"an":[100],"testbed.":[102],"experimental":[104],"results":[105],"demonstrate":[106],"that":[107],"outperformed":[111],"attacks":[118],"metrics":[121],"such":[122],"as":[123],"accuracy,":[124],"precision,":[125],"recall,":[126],"F1-score":[127],"false":[129],"negative":[130],"rate.":[131]},"counts_by_year":[],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}