Capturing-the-Invisible (CTI): Behavior-Based Attacks Recognition in IoT-Oriented Industrial Control Systems

Mostarda L.
2020-01-01

Abstract

Industrial Control Systems monitor, automate, and operate complex infrastructure and processes that are integrated into critical industrial sectors affecting our daily lives. With the advent of networking and automation, these systems have moved from being dedicated and independent to being part of centralized corporate infrastructure. While this has facilitated monitoring and overall management using traditional detection methods such as Web Application Firewalls or Intrusion Detection Systems, it has also exposed the networks, subjecting them to behavior-based cybersecurity attacks. Such attacks alter the control flow and processes and can change the functioning of these systems altogether. This research focuses on the use of process analytics to detect attacks in industrial control infrastructure systems and compares the effectiveness of signature-based detection methods. The proposed work presents a pattern recognition algorithm named 'Capturing-the-Invisible (CTI)' to find the hidden process in industrial control device logs and detect behavior-based attacks being performed in real time.
Files in this item:
File: 09104652.pdf
Access: open access
Description: Publisher's version
Type: Publisher's version
License: PUBLIC - Creative Commons
Size: 8.67 MB
Format: Adobe PDF

Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.

Use this identifier to cite or link to this document: https://hdl.handle.net/11581/440342

Citations
  • PMC: ND
  • Scopus: 34
  • ISI: 16