TY - JOUR
T1 - Insider threat detection in cyber-physical systems
T2 - a systematic literature review
AU - Al-Mhiqani, Mohammed Nasser
AU - Alsboui, Tariq
AU - Al-Shehari, Taher
AU - Abdulkareem, Karrar Hameed
AU - Ahmad, Rabiah
AU - Mohammed, Mazin Abed
N1 - Publisher Copyright:
© 2024 The Authors
PY - 2024/10/1
Y1 - 2024/10/1
N2 - The rapid expansion of cyber-physical systems (CPSs) has introduced new security challenges, leading to the emergence of various threats, attacks, and controls aimed at addressing security concerns in this evolving CPS landscape. However, a noticeable gap exists in the literature, particularly in the field of insider threat detection, which lacks a systematic review of CPS security. This study aims to comprehensively review and analyse relevant studies on insider threat detection in CPS. Employing a systematic protocol, we conducted an extensive search for pertinent articles across five prominent online databases: IEEE Xplore, Web of Science, Scopus, ACM, and ScienceDirect. The selection of these indices was based on their comprehensive coverage and the distinct relevance of their contents to our research topic. The results, guided by defined inclusion and exclusion criteria, yielded a final set of 69 included articles. Notably, 39.1 % of these articles focused on insider threat detection using specification-based methods, while 27.5 % addressed cryptography methods. Machine learning methods constituted 13.04 %, and the remaining 14.5 % included review and survey studies. Insider threats pose significant challenges in global cybersecurity, necessitating effective detection systems, methods, and tools for accurate and rapid identification. This study contributes distinct observations on the insider threat detection research topic in CPS, providing valuable insights for researchers and practitioners to expedite improvements and draw significant guidelines based on this comprehensive systematic review.
KW - Cyber security
KW - Cyber-physical systems
KW - Detection
KW - Insider threats
KW - Security
UR - http://www.scopus.com/inward/record.url?scp=85199566435&partnerID=8YFLogxK
U2 - 10.1016/j.compeleceng.2024.109489
DO - 10.1016/j.compeleceng.2024.109489
M3 - Literature review
AN - SCOPUS:85199566435
VL - 119
JO - Computers and Electrical Engineering
JF - Computers and Electrical Engineering
SN - 0045-7906
IS - Part A
M1 - 109489
ER -