{"id":"https://openalex.org/W4388074519","doi":"https://doi.org/10.1186/s42400-023-00162-z","title":"EPASAD: ellipsoid decision boundary based Process-Aware Stealthy Attack Detector","display_name":"EPASAD: ellipsoid decision boundary based Process-Aware Stealthy Attack Detector","publication_year":2023,"publication_date":"2023-11-01","ids":{"openalex":"https://openalex.org/W4388074519","doi":"https://doi.org/10.1186/s42400-023-00162-z"},"language":"en","primary_location":{"id":"doi:10.1186/s42400-023-00162-z","is_oa":true,"landing_page_url":"https://doi.org/10.1186/s42400-023-00162-z","pdf_url":"https://cybersecurity.springeropen.com/counter/pdf/10.1186/s42400-023-00162-z","source":{"id":"https://openalex.org/S3035238565","display_name":"Cybersecurity","issn_l":"2523-3246","issn":["2523-3246"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319965","host_organization_name":"Springer Nature","host_organization_lineage":["https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Cybersecurity","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"diamond","oa_url":"https://cybersecurity.springeropen.com/counter/pdf/10.1186/s42400-023-00162-z","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5066611403","display_name":"Vikas Maurya","orcid":"https://orcid.org/0000-0002-3650-4804"},"institutions":[{"id":"https://openalex.org/I94234084","display_name":"Indian Institute of Technology Kanpur","ror":"https://ror.org/05pjsgx75","country_code":"IN","type":"education","lineage":["https://openalex.org/I94234084"]}],"countries":["IN"],"is_corresponding":true,"raw_author_name":"Vikas Maurya","raw_affiliation_strings":["Department of Computer Science and Engineering, Indian Institute of Technology Kanpur, kanpur, India"],"affiliations":[{"raw_affiliation_string":"Department of Computer Science and Engineering, Indian Institute of Technology Kanpur, kanpur, India","institution_ids":["https://openalex.org/I94234084"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101589780","display_name":"Rachit Agarwal","orcid":"https://orcid.org/0000-0001-7971-3246"},"institutions":[{"id":"https://openalex.org/I94234084","display_name":"Indian Institute of Technology Kanpur","ror":"https://ror.org/05pjsgx75","country_code":"IN","type":"education","lineage":["https://openalex.org/I94234084"]}],"countries":["IN"],"is_corresponding":false,"raw_author_name":"Rachit Agarwal","raw_affiliation_strings":["Department of Computer Science and Engineering, Indian Institute of Technology Kanpur, kanpur, India","Merkle Science, Bangalore, India"],"affiliations":[{"raw_affiliation_string":"Department of Computer Science and Engineering, Indian Institute of Technology Kanpur, kanpur, India","institution_ids":["https://openalex.org/I94234084"]},{"raw_affiliation_string":"Merkle Science, Bangalore, India","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5026060508","display_name":"Saurabh Kumar","orcid":"https://orcid.org/0000-0002-5643-5076"},"institutions":[{"id":"https://openalex.org/I94234084","display_name":"Indian Institute of Technology Kanpur","ror":"https://ror.org/05pjsgx75","country_code":"IN","type":"education","lineage":["https://openalex.org/I94234084"]}],"countries":["IN"],"is_corresponding":false,"raw_author_name":"Saurabh Kumar","raw_affiliation_strings":["Department of Computer Science and Engineering, Indian Institute of Technology Kanpur, kanpur, India"],"affiliations":[{"raw_affiliation_string":"Department of Computer Science and Engineering, Indian Institute of Technology Kanpur, kanpur, India","institution_ids":["https://openalex.org/I94234084"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5021517996","display_name":"Sandeep K. Shukla","orcid":"https://orcid.org/0000-0001-5525-7426"},"institutions":[{"id":"https://openalex.org/I94234084","display_name":"Indian Institute of Technology Kanpur","ror":"https://ror.org/05pjsgx75","country_code":"IN","type":"education","lineage":["https://openalex.org/I94234084"]}],"countries":["IN"],"is_corresponding":false,"raw_author_name":"Sandeep Shukla","raw_affiliation_strings":["Department of Computer Science and Engineering, Indian Institute of Technology Kanpur, kanpur, India"],"affiliations":[{"raw_affiliation_string":"Department of Computer Science and Engineering, Indian Institute of Technology Kanpur, kanpur, India","institution_ids":["https://openalex.org/I94234084"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5066611403"],"corresponding_institution_ids":["https://openalex.org/I94234084"],"apc_list":null,"apc_paid":null,"fwci":1.0548,"has_fulltext":true,"cited_by_count":7,"citation_normalized_percentile":{"value":0.81923553,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":98},"biblio":{"volume":"6","issue":"1","first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10876","display_name":"Fault Detection and Control Systems","score":0.9914000034332275,"subfield":{"id":"https://openalex.org/subfields/2207","display_name":"Control and Systems Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10917","display_name":"Smart Grid Security and Resilience","score":0.9901999831199646,"subfield":{"id":"https://openalex.org/subfields/2207","display_name":"Control and Systems Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/anomaly-detection","display_name":"Anomaly detection","score":0.6749359369277954},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6028391122817993},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5816524028778076},{"id":"https://openalex.org/keywords/ellipsoid","display_name":"Ellipsoid","score":0.546606719493866},{"id":"https://openalex.org/keywords/cyber-physical-system","display_name":"Cyber-physical system","score":0.5311110615730286},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.4700677990913391},{"id":"https://openalex.org/keywords/boundary","display_name":"Boundary (topology)","score":0.4570792019367218},{"id":"https://openalex.org/keywords/critical-infrastructure","display_name":"Critical infrastructure","score":0.41083499789237976},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.31597089767456055},{"id":"https://openalex.org/keywords/geology","display_name":"Geology","score":0.18272185325622559},{"id":"https://openalex.org/keywords/mathematics","display_name":"Mathematics","score":0.10353472828865051}],"concepts":[{"id":"https://openalex.org/C739882","wikidata":"https://www.wikidata.org/wiki/Q3560506","display_name":"Anomaly detection","level":2,"score":0.6749359369277954},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6028391122817993},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5816524028778076},{"id":"https://openalex.org/C57489055","wikidata":"https://www.wikidata.org/wiki/Q190046","display_name":"Ellipsoid","level":2,"score":0.546606719493866},{"id":"https://openalex.org/C179768478","wikidata":"https://www.wikidata.org/wiki/Q1120057","display_name":"Cyber-physical system","level":2,"score":0.5311110615730286},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.4700677990913391},{"id":"https://openalex.org/C62354387","wikidata":"https://www.wikidata.org/wiki/Q875399","display_name":"Boundary (topology)","level":2,"score":0.4570792019367218},{"id":"https://openalex.org/C29852176","wikidata":"https://www.wikidata.org/wiki/Q373338","display_name":"Critical infrastructure","level":2,"score":0.41083499789237976},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.31597089767456055},{"id":"https://openalex.org/C127313418","wikidata":"https://www.wikidata.org/wiki/Q1069","display_name":"Geology","level":0,"score":0.18272185325622559},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.10353472828865051},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0},{"id":"https://openalex.org/C134306372","wikidata":"https://www.wikidata.org/wiki/Q7754","display_name":"Mathematical analysis","level":1,"score":0.0},{"id":"https://openalex.org/C13280743","wikidata":"https://www.wikidata.org/wiki/Q131089","display_name":"Geodesy","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1186/s42400-023-00162-z","is_oa":true,"landing_page_url":"https://doi.org/10.1186/s42400-023-00162-z","pdf_url":"https://cybersecurity.springeropen.com/counter/pdf/10.1186/s42400-023-00162-z","source":{"id":"https://openalex.org/S3035238565","display_name":"Cybersecurity","issn_l":"2523-3246","issn":["2523-3246"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319965","host_organization_name":"Springer Nature","host_organization_lineage":["https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Cybersecurity","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:52a63b8edaf44e0ca9506538750dcd50","is_oa":true,"landing_page_url":"https://doaj.org/article/52a63b8edaf44e0ca9506538750dcd50","pdf_url":null,"source":{"id":"https://openalex.org/S112646816","display_name":"SHILAP Revista de lepidopterolog\u00eda","issn_l":"0300-5267","issn":["0300-5267","2340-4078"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Cybersecurity, Vol 6, Iss 1, Pp 1-17 (2023)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.1186/s42400-023-00162-z","is_oa":true,"landing_page_url":"https://doi.org/10.1186/s42400-023-00162-z","pdf_url":"https://cybersecurity.springeropen.com/counter/pdf/10.1186/s42400-023-00162-z","source":{"id":"https://openalex.org/S3035238565","display_name":"Cybersecurity","issn_l":"2523-3246","issn":["2523-3246"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319965","host_organization_name":"Springer Nature","host_organization_lineage":["https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Cybersecurity","raw_type":"journal-article"},"sustainable_development_goals":[{"display_name":"Clean water and sanitation","id":"https://metadata.un.org/sdg/6","score":0.4699999988079071},{"display_name":"Industry, innovation and infrastructure","id":"https://metadata.un.org/sdg/9","score":0.4300000071525574}],"awards":[],"funders":[{"id":"https://openalex.org/F4320320712","display_name":"Indian Institute of Technology Kanpur","ror":"https://ror.org/05pjsgx75"}],"has_content":{"pdf":true,"grobid_xml":false},"content_urls":{"pdf":"https://content.openalex.org/works/W4388074519.pdf"},"referenced_works_count":43,"referenced_works":["https://openalex.org/W154790888","https://openalex.org/W1607863177","https://openalex.org/W1613804959","https://openalex.org/W1975964493","https://openalex.org/W2004186751","https://openalex.org/W2010973666","https://openalex.org/W2032695494","https://openalex.org/W2056451850","https://openalex.org/W2080611336","https://openalex.org/W2087432251","https://openalex.org/W2091292848","https://openalex.org/W2092582446","https://openalex.org/W2111404412","https://openalex.org/W2115940646","https://openalex.org/W2119556746","https://openalex.org/W2150755264","https://openalex.org/W2155589794","https://openalex.org/W2156397254","https://openalex.org/W2195015743","https://openalex.org/W2319367234","https://openalex.org/W2343541124","https://openalex.org/W2344795941","https://openalex.org/W2407991977","https://openalex.org/W2580937131","https://openalex.org/W2587918681","https://openalex.org/W2608911009","https://openalex.org/W2613412685","https://openalex.org/W2619874920","https://openalex.org/W2743100796","https://openalex.org/W2751144136","https://openalex.org/W2753352458","https://openalex.org/W2807219356","https://openalex.org/W2884273733","https://openalex.org/W2890112720","https://openalex.org/W2892730875","https://openalex.org/W2922885984","https://openalex.org/W3087102109","https://openalex.org/W3092287343","https://openalex.org/W3109186952","https://openalex.org/W3211656620","https://openalex.org/W4242728933","https://openalex.org/W4247200422","https://openalex.org/W4297709905"],"related_works":["https://openalex.org/W1986006778","https://openalex.org/W2390718407","https://openalex.org/W2005485125","https://openalex.org/W2085363807","https://openalex.org/W2034124193","https://openalex.org/W2379017606","https://openalex.org/W2156319555","https://openalex.org/W2941765012","https://openalex.org/W2171970890","https://openalex.org/W323147296"],"abstract_inverted_index":{"Abstract":[0],"Due":[1],"to":[2,63,68,129,159,174],"the":[3,83,113,117,140,153,187,204,208,212,229],"importance":[4,107],"of":[5,85,89,116,136],"Critical":[6],"Infrastructure":[7],"(CI)":[8],"in":[9,122,139,157,189],"a":[10,193],"nation\u2019s":[11],"economy,":[12],"they":[13],"have":[14,47,55],"been":[15,56],"lucrative":[16],"targets":[17],"for":[18,61,228],"cyber":[19,50,58,71],"attackers.":[20],"These":[21],"critical":[22],"infrastructures":[23],"are":[24,81],"usually":[25],"Cyber-Physical":[26],"Systems":[27],"such":[28,97,109,144],"as":[29,98,108,164],"power":[30],"grids,":[31],"water,":[32],"and":[33,38,79,101,211,226],"sewage":[34],"treatment":[35],"facilities,":[36],"oil":[37],"gas":[39],"pipelines,":[40],"etc.":[41],"In":[42],"recent":[43],"times,":[44],"these":[45,86,161],"systems":[46],"suffered":[48],"from":[49],"attacks":[51,110],"numerous":[52],"times.":[53],"Researchers":[54],"developing":[57],"security":[59,72],"solutions":[60],"CIs":[62],"avoid":[64],"lasting":[65],"damages.":[66],"According":[67],"standard":[69,95],"frameworks,":[70],"based":[73],"on":[74],"identification,":[75],"protection,":[76],"detection,":[77],"response,":[78],"recovery":[80],"at":[82],"core":[84],"research.":[87],"Detection":[88],"an":[90,126],"ongoing":[91],"attack":[92],"that":[93,168,218],"escapes":[94],"protection":[96],"firewall,":[99],"anti-virus,":[100],"host/network":[102],"intrusion":[103],"detection":[104,121,138,154,172],"has":[105],"gained":[106],"eventually":[111],"affect":[112],"physical":[114,123,146],"dynamics":[115,124],"system.":[118],"Therefore,":[119],"anomaly":[120,137],"proves":[125],"effective":[127],"means":[128],"implement":[130],"defense-in-depth.":[131],"PASAD":[132,158],"is":[133],"one":[134],"example":[135],"sensor/actuator":[141],"data,":[142],"representing":[143],"systems\u2019":[145],"dynamics.":[147],"We":[148,200],"present":[149],"EPASAD,":[150],"which":[151],"improves":[152,220],"technique":[155],"used":[156],"detect":[160],"micro-stealthy":[162],"attacks,":[163],"our":[165],"experiments":[166],"show":[167,217],"PASAD\u2019s":[169,221],"spherical":[170,194],"boundary-based":[171],"fails":[173],"detect.":[175],"Our":[176],"method":[177],"EPASAD":[178,202,219],"overcomes":[179],"this":[180],"by":[181,207,224],"using":[182,203],"Ellipsoid":[183],"boundaries,":[184],"thereby":[185],"tightening":[186],"boundaries":[188],"various":[190],"dimensions,":[191],"whereas":[192],"boundary":[195],"treats":[196],"all":[197],"dimensions":[198],"equally.":[199],"validate":[201],"dataset":[205],"produced":[206],"TE-process":[209],"simulator":[210],"C-town":[213],"datasets.":[214],"The":[215],"results":[216],"average":[222],"recall":[223],"5.8%":[225],"9.5%":[227],"two":[230],"datasets,":[231],"respectively.":[232]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":5},{"year":2022,"cited_by_count":1}],"updated_date":"2026-03-20T23:20:44.827607","created_date":"2025-10-10T00:00:00"}