Distributed Architecture of an Intrusion Detection System in Industrial Control Systems

Industry 4.0 refers to a new generation of connected and intelligent factories that is driven by the emergence of new technologies such as artificial intelligence, Cloud computing, Big Data and industrial control systems (ICS) in order to automate all phases of industrial operations. The presence of connected systems in industrial environments poses a considerable security challenge, moreover with the huge amount of data generated daily, there are complex attacks that occur in seconds and target production lines and their integrity. But, until now, factories do not have all the necessary tools to protect themselves, they mainly use traditional protection. To improve industrial control systems in terms of efficiency and response time, the present paper propose a new distributed intrusion detection approach using artificial intelligence methods including machine learning, Big Data techniques and deployed in a cloud environment. We use the industrial dataset SWat for the experiment. Our system achieved good results in terms of Accuracy (99%) and response time by using Gradient-Boosted Trees (GBTs) classifier due to the performance of Databricks and Apache Spark.