Skip to main content
SpringerLink
Log in

Hybrid Intrusion Detection with Decision Tree and Critical State Analysis for CBTC

  • Conference paper
  • First Online:
Proceedings of the 4th International Conference on Electrical and Information Technologies for Rail Transportation (EITRT) 2019 (EITRT 2019)

Part of the book series: Lecture Notes in Electrical Engineering ((LNEE,volume 640))

Abstract

Communication-based train control (CBTC) is considered as the main organ of urban rail transit systems, which is facing increasingly serious security threats. Intrusion detection systems (IDS) are crucial for security protection. This paper reports the design principles and evaluation results of a novel hybrid intrusion detection system which is suitable for CBTC systems. This hybrid method combines the advantages of the high true positive rate of network-based IDS (NIDS) and the ability of host-based IDS (HIDS) to monitor system behavior, where decision tree and critical state analysis are used, respectively. The proposed method is verified on a semi-physical simulation platform of CBTC and the experiments show that the designed scheme can detect intrusions accurately with a 97.8% detection rate.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 169.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 219.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 219.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Farooq J, Soler J (2017) Radio communication for communications-based train control (CBTC): a tutorial and survey. IEEE Commun Surv Tutorials 19(3):1377–1402

    Article  Google Scholar 

  2. Barbará D, Jajodia S (eds) (2002) Applications of data mining in computer security (vol 6). Springer Science & Business Media

    Google Scholar 

  3. Mantere M, Sailio M, Noponen S (2014) A module for anomaly detection in ICS networks. In: Proceedings of the 3rd international conference on high confidence networked systems. ACM

    Google Scholar 

  4. Zhu B, Sastry S (2010) SCADA-specific intrusion detection/prevention systems: a survey and taxonomy. In: 40th COSPAR scientific assembly. Held 2–10 Aug 2014, in Moscow, Russia, Abstract F4.6-18-14

    Google Scholar 

  5. Buczak AL, Guven E (2016) A survey of data mining and machine learning methods for cyber security intrusion detection. IEEE Commun Surv Tutorials 18(2):1153–1176

    Article  Google Scholar 

  6. Ponomarev S, Atkison T (2016) Industrial control system network intrusion detection by telemetry analysis. IEEE Trans Dependable Secure Comput 13(2):252–260

    Article  Google Scholar 

  7. Pal S, Sikdar B, Chow J (2016) Detecting data integrity attacks on SCADA systems using limited PMUs. In: 2016 IEEE international conference on smart grid communications (SmartGridComm). IEEE

    Google Scholar 

  8. Valdes A, Cheung S (2009) Communication pattern anomaly detection in process control systems. In: IEEE Conference on IEEE technologies for homeland security, 2009. HST ‘09, pp 22–29

    Google Scholar 

  9. Zhu L, Yu FR, Wang F (2015) Introduction to communications-based train control. In: Advances in communications-based train control systems. CRC Press, pp 22–34

    Google Scholar 

  10. Ramdas, V et al (2010) ERTMS level 3 risks and benefits to UK railways. Transport Research Laboratory, Client project report CPR798 (2010)

    Google Scholar 

  11. Umanol M, Okamoto H, Hatono I et al (1994) Fuzzy decision trees by fuzzy ID3 algorithm and its application to diagnosis systems. In: IEEE international fuzzy systems conference

    Google Scholar 

  12. Carcano A et al (2011) A multidimensional critical state analysis for detecting intrusions in SCADA systems. IEEE Trans Ind Inf 7(2):179–186

    Article  MathSciNet  Google Scholar 

  13. Yang Y et al (2017) Multidimensional intrusion detection system for IEC 61850-based SCADA networks. IEEE Trans Power Deliv 32(2):1068–1078

    Article  Google Scholar 

  14. Tsai C-F et al (2009) Intrusion detection by machine learning: a review. Expert Syst Appl 36(10):11994–12000

    Article  Google Scholar 

Download references

Acknowledgements

This paper was supported by grants from the National Natural Science Foundation of China (No. 61603031), Beijing Natural Science Foundation (No. L181004), and projects (No. I19L00090), State Key Laboratory of Traffic Control and Safety of Beijing Jiaotong University, and projects (No. I18JB00110), and Beijing Laboratory for Urban Mass Transit.

Author information

Authors and Affiliations

  1. Beijing Jiaotong University, Beijing, 100044, People’s Republic of China

    Yajie Song & Bing Bu

  2. Beijing Traffic Control Technology Company, Beijing, China

    Xuetao Yang

Authors
  1. Yajie Song
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Bing Bu
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Xuetao Yang
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Yajie Song .

Editor information

Editors and Affiliations

  1. National Innovation Center of High Speed Train, Qingdao, China

    Baoming Liu

  2. State Key Laboratory of Rail Traffic Control and Safety, Beijing Jiaotong University, Beijing, China

    Limin Jia

  3. State Key Laboratory of Rail Traffic Control and Safety, Beijing Jiaotong University, Beijing, Beijing, China

    Yong Qin

  4. Beijing Jiaotong University, Beijing, China

    Zhigang Liu

  5. Beijing Jiaotong University, Beijing, China

    Lijun Diao

  6. School of Science, Engineering and Environment, University of Salford, Salford, UK

    Min An

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Springer Nature Singapore Pte Ltd.

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Song, Y., Bu, B., Yang, X. (2020). Hybrid Intrusion Detection with Decision Tree and Critical State Analysis for CBTC. In: Liu, B., Jia, L., Qin, Y., Liu, Z., Diao, L., An, M. (eds) Proceedings of the 4th International Conference on Electrical and Information Technologies for Rail Transportation (EITRT) 2019. EITRT 2019. Lecture Notes in Electrical Engineering, vol 640. Springer, Singapore. https://doi.org/10.1007/978-981-15-2914-6_16

Download citation

  • DOI: https://doi.org/10.1007/978-981-15-2914-6_16

  • Published:

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-15-2913-9

  • Online ISBN: 978-981-15-2914-6

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation