Industrial Control System Network Intrusion Detection by Telemetry Analysis

被引:103
|
作者
Ponomarev, Stanislav [1 ]
Atkison, Travis [2 ]
机构
[1] Louisiana Tech Univ, Coll Engn & Sci, Ruston, LA 71272 USA
[2] Louisiana Tech Univ, Cyber Engn & Comp Sci Dept, Ruston, LA 71272 USA
来源
IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING | 2016年 / 13卷 / 02期
关键词
Networked control systems; nonlinear network analysis; control systems; intrusion detection; telemetry;
D O I
10.1109/TDSC.2015.2443793
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
Until recently, industrial control systems (ICSs) used "air-gap" security measures, where every node of the ICS network was isolated from other networks, including the Internet, by a physical disconnect. Attaching ICS networks to the Internet benefits companies and engineers who use them. However, as these systems were designed for use in the air-gapped security environment, protocols used by ICSs contain little to no security features and are vulnerable to various attacks. This paper proposes an approach to detect the intrusions into network attached ICSs by measuring and verifying data that is transmitted through the network but is not inherently the data used by the transmission protocol-network telemetry. Using simulated PLC units, the developed IDS was able to achieve 94.3 percent accuracy when differentiating between machines of an attacker and engineer on the same network, and 99.5 percent accuracy when differentiating between attacker and engineer on the Internet.
引用
收藏
页码:252 / 260
页数:9
相关论文
共 50 条
  • [31] Intrusion Detection in SCADA Systems by Traffic Periodicity and Telemetry Analysis
    Zhang, Jiexin
    Gan, Shaoduo
    Liu, Xiaoxue
    Zhu, Peidong
    [J]. 2016 IEEE SYMPOSIUM ON COMPUTERS AND COMMUNICATION (ISCC), 2016, : 318 - 325
  • [32] Recurrent network in Network Intrusion Detection System
    Xue, JS
    Sun, JZ
    Zhang, X
    [J]. PROCEEDINGS OF THE 2004 INTERNATIONAL CONFERENCE ON MACHINE LEARNING AND CYBERNETICS, VOLS 1-7, 2004, : 2676 - 2679
  • [33] The sound of intrusion: A novel network intrusion detection system
    Aldarwbi, Mohammed Y.
    Lashkari, Arash H.
    Ghorbani, Ali A.
    [J]. COMPUTERS & ELECTRICAL ENGINEERING, 2022, 104
  • [34] Analysis on the Application of Campus Network Firewall And Intrusion Detection System
    Wang, Jinying
    Yan, Pengfei
    [J]. PROCEEDINGS OF THE 2015 INTERNATIONAL CONFERENCE ON INTELLIGENT SYSTEMS RESEARCH AND MECHATRONICS ENGINEERING, 2015, 121 : 398 - 401
  • [35] Technical Analysis of Network Intrusion Detection System on the Information Security
    Yu, Sheng
    [J]. 2015 3RD INTERNATIONAL CONFERENCE ON SOCIAL SCIENCES RESEARCH (SSR 2015), 2015, 13 : 190 - 194
  • [36] Application Research on Retrospective Analysis System in Network Intrusion Detection
    Wu, Wei
    Cheng, Nan
    Wang, Yubin
    [J]. 2014 TENTH INTERNATIONAL CONFERENCE ON COMPUTATIONAL INTELLIGENCE AND SECURITY (CIS), 2014, : 624 - 627
  • [37] Automatic analysis of firewall and network intrusion detection system configurations
    Uribe, Tomas
    Cheung, Steven
    [J]. JOURNAL OF COMPUTER SECURITY, 2007, 15 (06) : 691 - 715
  • [38] Intrusion Detection System Based on In-Depth Understandings of Industrial Control Logic
    Sun, Motong
    Lai, Yingxu
    Wang, Yipeng
    Liu, Jing
    Mao, Beifeng
    Gu, Haoran
    [J]. IEEE TRANSACTIONS ON INDUSTRIAL INFORMATICS, 2023, 19 (03) : 2295 - 2306
  • [39] INDUSTRIAL CONTROL SYSTEM INTRUSION DETECTION MODEL BASED ON LSTM & ATTACK TREE
    Fan Xingjie
    Wan Guogen
    Zhang Shibin
    Chen Hao
    [J]. 2020 17TH INTERNATIONAL COMPUTER CONFERENCE ON WAVELET ACTIVE MEDIA TECHNOLOGY AND INFORMATION PROCESSING (ICCWAMTIP), 2020, : 255 - 260
  • [40] Ensemble Common Features Technique for Lightweight Intrusion Detection in Industrial Control System
    Otokwala, Uneneibotejit J.
    Petrovski, Andrei
    [J]. 2023 IEEE 6TH INTERNATIONAL CONFERENCE ON INDUSTRIAL CYBER-PHYSICAL SYSTEMS, ICPS, 2023,
12345