Cyber Threat Monitoring Systems - Comparing Attack Detection Performance of Ensemble Algorithms

Cyber-attacks are becoming more sophisticated and thereby more difficult to detect. This is a concern to all, but even more to Critical Infrastructures, like health organizations. A Cyber Threat Monitoring System (CTMS), providing a global approach to detect and analyze cyber-threats for health infrastructures is proposed by combining a set of solutions from Airbus CyberSecurity with a machine learning pipeline to improve detection and provide awareness from cyber side to a more global approach that will combine them with physical incidents. The work is being carried out in the scope of SAFECARE project. In this work, we present the CTMS architecture and present our experimental findings with ensemble learning methods for intrusion detection.