Security Orchestration with Explainability for Digital Twins-based Smart Systems

dc.contributorAalto-yliopistofi
dc.contributorAalto Universityen
dc.contributor.authorNguyen, Trien_US
dc.contributor.authorNgoc Lam, Anen_US
dc.contributor.authorNguyen, Phuen_US
dc.contributor.authorTruong, Linhen_US
dc.contributor.departmentDepartment of Computer Scienceen
dc.contributor.editorShahriar, Hossainen_US
dc.contributor.editorOhsaki, Hiroyukien_US
dc.contributor.editorSharmin, Moushumien_US
dc.contributor.editorTowey, Daveen_US
dc.contributor.editorMajumder, AKM Jahangir Alamen_US
dc.contributor.editorHori, Yoshiakien_US
dc.contributor.editorYang, Ji-Jiangen_US
dc.contributor.editorTakemoto, Michiharuen_US
dc.contributor.editorSakib, Nazmusen_US
dc.contributor.editorBanno, Ryoheien_US
dc.contributor.editorAhamed, Sheikh Iqbalen_US
dc.contributor.groupauthorProfessorship Truong L.en
dc.contributor.groupauthorComputer Science Professorsen
dc.contributor.groupauthorComputer Science - Computing Systems (ComputingSystems)en
dc.contributor.organizationSINTEFen_US
dc.date.accessioned2024-10-02T06:46:03Z
dc.date.available2024-10-02T06:46:03Z
dc.date.issued2024-08-26en_US
dc.description.abstractThe Digital Twin (DT) paradigm has been largely adopted for many smart systems in various domains. Due to the heterogeneous and distributed nature of the physical twins, these systems increasingly incorporate disparate security tools, especially those based on service-based AI/ML capabilities. That presents numerous challenges in achieving a comprehensive understanding of security analytics and explainability in security operations carried out by ML-based security services, which require continuous monitoring and optimization to remain effective. This paper aims to support security service integration and automated analyses with enhanced explainability in DTs. We introduce a novel framework that unifies runtime contexts to facilitate security services unification and operation interpretation in security orchestration. We define a workflow and provide necessary services for generating security reports across physical and logical layers. Leveraging a centralized knowledge service, we let security analysts incorporate domain knowledge in automating incident reasoning and security enforcement at the logical layer. We demonstrate our explainability framework on a DT of an Industry 4.0 toy factory with two ML-based security services detecting network anomalies. Our experiments show a significant reduction in manual effort for orchestrating security incident analysis and mitigation.en
dc.description.versionPeer revieweden
dc.format.extent10
dc.format.mimetypeapplication/pdfen_US
dc.identifier.citationNguyen, T, Ngoc Lam, A, Nguyen, P & Truong, L 2024, Security Orchestration with Explainability for Digital Twins-based Smart Systems . in H Shahriar, H Ohsaki, M Sharmin, D Towey, AKM J A Majumder, Y Hori, J-J Yang, M Takemoto, N Sakib, R Banno & S I Ahamed (eds), Proceedings - 2024 IEEE 48th Annual Computers, Software, and Applications Conference, COMPSAC 2024 . IEEE, pp. 1194-1203, IEEE Annual Computer Software and Applications Conference, Osaka, Japan, 02/07/2024 . https://doi.org/10.1109/COMPSAC61105.2024.00159en
dc.identifier.doi10.1109/COMPSAC61105.2024.00159en_US
dc.identifier.isbn979-8-3503-7696-8
dc.identifier.otherPURE UUID: 7d851ef9-4240-4d4c-a09d-8496c933ebbaen_US
dc.identifier.otherPURE ITEMURL: https://research.aalto.fi/en/publications/7d851ef9-4240-4d4c-a09d-8496c933ebbaen_US
dc.identifier.otherPURE LINK: http://www.scopus.com/inward/record.url?scp=85204030078&partnerID=8YFLogxKen_US
dc.identifier.otherPURE FILEURL: https://research.aalto.fi/files/159919166/submit_compsac2024149909.pdfen_US
dc.identifier.urihttps://aaltodoc.aalto.fi/handle/123456789/131065
dc.identifier.urnURN:NBN:fi:aalto-202410026605
dc.language.isoenen
dc.relation.ispartofProceedings - 2024 IEEE 48th Annual Computers, Software, and Applications Conference, COMPSAC 2024
dc.relation.ispartofpp. 1194-1203
dc.relation.ispartofIEEE Annual Computer Software and Applications Conferenceen
dc.rightsopenAccessen
dc.subject.keywordDigital Twinen_US
dc.subject.keywordExplainabilityen_US
dc.subject.keywordMachine Learningen_US
dc.subject.keywordSecurity Orchestrationen_US
dc.subject.keywordSmart IoT Systemsen_US
dc.titleSecurity Orchestration with Explainability for Digital Twins-based Smart Systemsen
dc.typeA4 Artikkeli konferenssijulkaisussafi
dc.type.versionacceptedVersion

Files