{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,3]],"date-time":"2025-12-03T18:12:47Z","timestamp":1764785567283,"version":"3.40.3"},"publisher-location":"Cham","reference-count":30,"publisher":"Springer Nature Switzerland","isbn-type":[{"type":"print","value":"9783031789793"},{"type":"electronic","value":"9783031789809"}],"license":[{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025]]},"DOI":"10.1007\/978-3-031-78980-9_7","type":"book-chapter","created":{"date-parts":[[2025,1,27]],"date-time":"2025-01-27T10:26:34Z","timestamp":1737973594000},"page":"99-114","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Enhancing Industrial Control Systems Security: Real-Time Anomaly Detection with\u00a0Uncertainty Estimation"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-7081-0365","authenticated-orcid":false,"given":"Ermiyas","family":"Birihanu","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0006-5052-6846","authenticated-orcid":false,"given":"Ayyoub","family":"Soullami","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6188-4936","authenticated-orcid":false,"given":"Imre","family":"Lend\u00e1k","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2025,1,28]]},"reference":[{"key":"7_CR1","unstructured":"ISACA. Introduction to ICS\/OT systems and their role in critical infrastructure (2023). https:\/\/www.isaca.org\/resources\/news-and-trends\/isaca-now-blog\/2023\/introduction-to-ics-ot-systems-and-their-role-in-critical-infrastructure. Accessed 19 May 2024"},{"key":"7_CR2","unstructured":"National Institute of Standards and Technology (NIST). Industrial control systems (ICS) (2024). https:\/\/www.nist.gov\/itl\/applied-cybersecurity\/cybersecurity-and-privacy-applications\/industrial-control-systems-ics. Accessed 19 May 2024"},{"key":"7_CR3","doi-asserted-by":"crossref","unstructured":"Birihanu, E., Barcsa-Szab\u00f3, \u00c1., Lend\u00e1k, I.: Proximity-based anomaly detection in securing water treatment. In: 2022 IEEE 2nd Conference on Information Technology and Data Science (CITDS), pp. 34\u201338. IEEE (2022)","DOI":"10.1109\/CITDS54976.2022.9914316"},{"issue":"1","key":"7_CR4","doi-asserted-by":"publisher","first-page":"32","DOI":"10.1109\/TASE.2021.3073396","volume":"20","author":"W Hao","year":"2021","unstructured":"Hao, W., Yang, T., Yang, Q.: Hybrid statistical-machine learning for real-time anomaly detection in industrial cyber-physical systems. IEEE Trans. Autom. Sci. Eng. 20(1), 32\u201346 (2021)","journal-title":"IEEE Trans. Autom. Sci. Eng."},{"issue":"23","key":"7_CR5","doi-asserted-by":"publisher","first-page":"22836","DOI":"10.1109\/JSEN.2022.3211874","volume":"22","author":"H Nizam","year":"2022","unstructured":"Nizam, H., Zafar, S., Lv, Z., Wang, F., Xiaopeng, H.: Real-time deep anomaly detection framework for multivariate time-series data in industrial IoT. IEEE Sens. J. 22(23), 22836\u201322849 (2022)","journal-title":"IEEE Sens. J."},{"key":"7_CR6","doi-asserted-by":"publisher","first-page":"11","DOI":"10.1016\/j.ijcip.2018.08.002","volume":"23","author":"X Clotet","year":"2018","unstructured":"Clotet, X., Moyano, J., Le\u00f3n, G.: A real-time anomaly-based ids for cyber-attack detection at the industrial process level of critical infrastructures. Int. J. Crit. Infrastruct. Prot. 23, 11\u201320 (2018)","journal-title":"Int. J. Crit. Infrastruct. Prot."},{"key":"7_CR7","doi-asserted-by":"crossref","unstructured":"Wang, R., Qiu, H., Cheng, X., Liu, X.: Anomaly detection with a container-based stream processing framework for industrial internet of things. J. Industr. Inf. Integr. 35, 100507 (2023)","DOI":"10.1016\/j.jii.2023.100507"},{"issue":"Suppl 1","key":"7_CR8","doi-asserted-by":"publisher","first-page":"1513","DOI":"10.1007\/s10462-023-10562-9","volume":"56","author":"J Gawlikowski","year":"2023","unstructured":"Gawlikowski, J., et al.: A survey of uncertainty in deep neural networks. Artif. Intell. Rev. 56(Suppl 1), 1513\u20131589 (2023)","journal-title":"Artif. Intell. Rev."},{"key":"7_CR9","unstructured":"He, W., Jiang, Z.: A comprehensive survey on uncertainty quantification for deep learning. ACM Comput. Surv. 37(4) (2024)"},{"key":"7_CR10","unstructured":"iMerit. A comprehensive introduction to uncertainty in machine learning (2022). https:\/\/imerit.net\/blog\/a-comprehensive-introduction-to-uncertainty-in-machine-learningall-una\/. Accessed 14 May 2024"},{"issue":"4","key":"7_CR11","doi-asserted-by":"publisher","first-page":"94","DOI":"10.1007\/s10462-023-10698-8","volume":"57","author":"H Tyralis","year":"2024","unstructured":"Tyralis, H., Papacharalampous, G.: A review of predictive uncertainty estimation with machine learning. Artif. Intell. Rev. 57(4), 94 (2024)","journal-title":"Artif. Intell. Rev."},{"key":"7_CR12","doi-asserted-by":"crossref","unstructured":"Legrand, A., Trannois, H., Cournier, A.: Use of uncertainty with autoencoder neural networks for anomaly detection. In: 2019 IEEE Second International Conference on Artificial Intelligence and Knowledge Engineering (AIKE), pp. 32\u201335. IEEE (2019)","DOI":"10.1109\/AIKE.2019.00014"},{"key":"7_CR13","doi-asserted-by":"crossref","unstructured":"Shehu, Y., Harper, R.: Efficient periodicity analysis for real-time anomaly detection. In: NOMS 2023-2023 IEEE\/IFIP Network Operations and Management Symposium, pp. 1\u20136. IEEE (2023)","DOI":"10.1109\/NOMS56928.2023.10154406"},{"issue":"1","key":"7_CR14","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1186\/s40537-024-00940-7","volume":"11","author":"W Sun","year":"2024","unstructured":"Sun, W., Li, H., Liang, Q., Zou, X., Chen, M., Wang, Y.: On data efficiency of univariate time series anomaly detection models. J. Big Data 11(1), 1\u201331 (2024)","journal-title":"J. Big Data"},{"key":"7_CR15","unstructured":"Ravikumar, G., Govindarasu, M.: Anomaly detection and mitigation for wide-area damping control using machine learning. IEEE Trans. Smart Grid (2020)"},{"key":"7_CR16","unstructured":"Ardestani, S.B.: Time series anomaly detection and uncertainty estimation using LSTM autoencoders (2020)"},{"key":"7_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"493","DOI":"10.1007\/978-3-031-17143-7_24","volume-title":"Computer Security - ESORICS 2022","author":"C Fung","year":"2022","unstructured":"Fung, C., Srinarasi, S., Lucas, K., Phee, H.B., Bauer, L.: Perspectives from a comprehensive evaluation of reconstruction-based anomaly detection in industrial control systems. In: Atluri, V., Di Pietro, R., Jensen, C.D., Meng, W. (eds.) ESORICS 2022. LNCS, vol. 13556, pp. 493\u2013513. Springer, Cham (2022). https:\/\/doi.org\/10.1007\/978-3-031-17143-7_24"},{"key":"7_CR18","doi-asserted-by":"crossref","unstructured":"Teixeira, M.A., Salman, T., Zolanvari, M., Jain, R., Meskin, N., Samaka, M.: Scada system testbed for cybersecurity research using machine learning approach. Future Internet 10(8), 76 (2018)","DOI":"10.3390\/fi10080076"},{"issue":"10","key":"7_CR19","doi-asserted-by":"publisher","first-page":"2195","DOI":"10.1007\/s00607-023-01179-5","volume":"105","author":"A Nandi","year":"2023","unstructured":"Nandi, A., Xhafa, F., Kumar, R.: A docker-based federated learning framework design and deployment for multi-modal data stream classification. Computing 105(10), 2195\u20132229 (2023)","journal-title":"Computing"},{"key":"7_CR20","doi-asserted-by":"publisher","first-page":"144","DOI":"10.1016\/j.jmsy.2018.01.003","volume":"48","author":"J Wang","year":"2018","unstructured":"Wang, J., Ma, Y., Zhang, L., Gao, R.X., Wu, D., Methods and applications: Deep learning for smart manufacturing. J. Manuf. Syst. 48, 144\u2013156 (2018)","journal-title":"J. Manuf. Syst."},{"key":"7_CR21","doi-asserted-by":"crossref","unstructured":"Zhang, C., et al.: A deep neural network for unsupervised anomaly detection and diagnosis in multivariate time series data. In: Proceedings of the AAAI Conference on Artificial Intelligence, vol. 33, pp. 1409\u20131416 (2019)","DOI":"10.1609\/aaai.v33i01.33011409"},{"key":"7_CR22","doi-asserted-by":"crossref","unstructured":"Chen, P.-Y., Yang, S., McCann, J.A.: Distributed real-time anomaly detection in networked industrial sensing systems. IEEE Trans. Industr. Electron. 62(6), 3832\u20133842 (2014)","DOI":"10.1109\/TIE.2014.2350451"},{"issue":"4","key":"7_CR23","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3494564","volume":"16","author":"S Bhatia","year":"2022","unstructured":"Bhatia, S., Liu, R., Hooi, B., Yoon, M., Shin, K., Faloutsos, C.: Real-time anomaly detection in edge streams. ACM Trans. Knowl. Discov. Data (TKDD) 16(4), 1\u201322 (2022)","journal-title":"ACM Trans. Knowl. Discov. Data (TKDD)"},{"issue":"01","key":"7_CR24","first-page":"20","volume":"2","author":"G Ranganathan","year":"2020","unstructured":"Ranganathan, G.: Real time anomaly detection techniques using Pyspark frame work. J. Artif. Intell. 2(01), 20\u201330 (2020)","journal-title":"J. Artif. Intell."},{"key":"7_CR25","doi-asserted-by":"crossref","unstructured":"Loganathan, G., Samarabandu, J., Wang, X.: Sequence to sequence pattern learning algorithm for real-time anomaly detection in network traffic. In: 2018 IEEE Canadian Conference on Electrical and Computer Engineering (CCECE), pp. 1\u20134. IEEE (2018)","DOI":"10.1109\/CCECE.2018.8447597"},{"key":"7_CR26","doi-asserted-by":"publisher","first-page":"134","DOI":"10.1016\/j.neucom.2017.04.070","volume":"262","author":"S Ahmad","year":"2017","unstructured":"Ahmad, S., Lavin, A., Purdy, S., Agha, Z.: Unsupervised real-time anomaly detection for streaming data. Neurocomputing 262, 134\u2013147 (2017)","journal-title":"Neurocomputing"},{"key":"7_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"88","DOI":"10.1007\/978-3-319-71368-7_8","volume-title":"Critical Information Infrastructures Security","author":"J Goh","year":"2017","unstructured":"Goh, J., Adepu, S., Junejo, K.N., Mathur, A.: A dataset to support research in the design of secure water treatment systems. In: Havarneanu, G., Setola, R., Nassopoulos, H., Wolthusen, S. (eds.) CRITIS 2016. LNCS, vol. 10242, pp. 88\u201399. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-71368-7_8"},{"key":"7_CR28","doi-asserted-by":"crossref","unstructured":"Almeida, G., Bacao, F.: Umap-smotenc: a simple, efficient, and consistent alternative for privacy-aware synthetic data generation. Knowl.-Based Syst. 112174 (2024)","DOI":"10.1016\/j.knosys.2024.112174"},{"key":"7_CR29","series-title":"IFIP Advances in Information and Communication Technology","doi-asserted-by":"publisher","first-page":"63","DOI":"10.1007\/978-3-642-16806-2_5","volume-title":"Critical Infrastructure Protection IV","author":"R Solomakhin","year":"2010","unstructured":"Solomakhin, R., Tsang, P., Smith, S.: High security with low latency in legacy SCADA systems. In: Moore, T., Shenoi, S. (eds.) ICCIP 2010. IAICT, vol. 342, pp. 63\u201379. Springer, Heidelberg (2010). https:\/\/doi.org\/10.1007\/978-3-642-16806-2_5"},{"key":"7_CR30","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"263","DOI":"10.1007\/978-3-540-24852-1_19","volume-title":"Applied Cryptography and Network Security","author":"AK Wright","year":"2004","unstructured":"Wright, A.K., Kinast, J.A., McCarty, J.: Low-latency cryptographic protection for SCADA communications. In: Jakobsson, M., Yung, M., Zhou, J. (eds.) ACNS 2004. LNCS, vol. 3089, pp. 263\u2013277. Springer, Heidelberg (2004). https:\/\/doi.org\/10.1007\/978-3-540-24852-1_19"}],"container-title":["Lecture Notes in Computer Science","Discovery Science"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-78980-9_7","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,1,27]],"date-time":"2025-01-27T10:26:52Z","timestamp":1737973612000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-78980-9_7"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025]]},"ISBN":["9783031789793","9783031789809"],"references-count":30,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-78980-9_7","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2025]]},"assertion":[{"value":"28 January 2025","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"DS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Discovery Science","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Pisa","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Italy","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2024","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"14 October 2024","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"16 October 2024","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"27","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"dis2024","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/ds2024.isti.cnr.it\/index.html","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}