This is an application for multi-sensor data fusion alongwith the integration of location-based fusion using Dempster Shafer Theory.
The publications related to the following works are:
- Multi-Source Multi-Domain Data Fusion for Cyberattack Detection in Power Systems ,IEEE Access, Aug 2021
- Inter-Domain Fusion for Enhanced Intrusion Detection in Power Systems: An Evidence Theoretic and Meta-Heuristic Approach ,MDPI Sensors, Feb 2022
Description of the files and folders within PythonScripts folder
-
DataFusion.py: This is the main class for collecting information from different sensors.extract_pcap()function extracts Round Trip Time and TCP Retransmission information using Pyshark.extract_physical_data()extracts the DNP3 header information, whileextract_physical_data_with_values()extracts the DNP3 Point information from the pcaps.extract_single_layer()individually extracts the DNP3 Application, Transport and Link Layer information. The function code specific functions are:extract_dnp3_read_request(),extract_dnp3_direct_operate(),extract_dnp3_response(), etc. Theextract_cyber_data()function extracts the cyber information from the Network, Transport, Link layer headers.extract_packetbeat()connects the Packetbeat index within ElasticSearch.merge_packetbeat()merges the flow-based information from Packetbeat to the cyber features.extract_snort(),process_snort()andmerge_Snort()are the functions to extract Snort IDS alerts and merge with the cyber feature space.merge_by_location()merges cyber and physical features based on the timestamps.merge_by_location()merges the cyber and physical features based on packet captured at different location in the network. -
CoTrainedScores.py: This is semi-supervised learning classifier used for intrusion detection. The codes are implemented for different use-cases. -
GetData.py: This is the code for extracting the data into the front end application. -
GetStepData.py: This is the code for extracting the data sequentially at evert stage of feature transformation. -
GetTrainedScores.py: Code for IDS training with supervised learning based classifier.
Description of other files
MainForm.cs: It is the main Windows application for data fusion.SequenceForm.cs: The application to sequentially visualize feature transformation at every stage.DSTheory.cs: This is the code for implementation of rules of combination from Dempster Shafer Theory.DSTheoryForm.cs: Application for visualization of results from Dempster Shafer TheoryChartForm.cs: A window for populating all the charts contents.