Last Line of Defense: A Novel IDS Approach Against Advanced Threats in Industrial Control Systems
Authors
Abstract
Industrial control systems are becoming increasingly interconnected, and with this their vulnerability to malicious actors increases. While intrusion detection systems are suited to detecting network-based attacks, they remain unable to detect more sophisticated attacks against control systems, for example a compromise of the PLCs. This paper makes the case that the evolving landscape of threats such as the Stuxnet malware requires an alternative approach to intrusion detection in industrial control systems. We argue that effective control of such advanced threats needs to happen in the last link of the control network, hence building a last line of defense. A proof of concept of this new paradigm was implemented for the control system of a dredging vessel, and we describe the main lessons learned and pose open research questions for ICS intrusion detection based on these experiences.
Similar resources
Intrusion Detection based on a Novel Hybrid Learning Approach
Information security and Intrusion Detection System (IDS) plays a critical role in the Internet. IDS is an essential tool for detecting different kinds of attacks in a network and maintaining data integrity, confidentiality and system availability against possible threats. In this paper, a hybrid approach towards achieving high performance is proposed. In fact, the important goal of this paper ...
A Early Detection of Cyber Security Threats using Structured Behavior Modeling
The rapid evolution of network intrusions has rendered traditional Intrusion Detection Systems (IDS) insufficient for cyber attacks such as the Advanced Persistent Threats (APT), which are sophisticated and enduring network intrusion campaigns comprising multiple imperceptible steps of malicious cyber activities. Dealing with such elaborated network intrusions calls for novel and more proactive...
A Distributed IDS for Industrial Control Systems
Cyber-threats are one of the most significant problems faced by modern Industrial Control Systems (ICS), such as SCADA (Supervisory Control and Data Acquisition) systems, as the vulnerabilities of ICS technology become serious threats that can ultimately compromise human lives. This situation demands a domain-specific approach to cyber threat detection within ICS, which is one of the most import...
Towards Extending the Antivirus Capability to Scan Network Traffic
Computer network is a major venue for malware to spread out and infect new victims. Many effective countermeasures against attacks are deployed at different network boundaries. Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), and Firewalls are among such security controls. The Antivirus (AV) software is widespread among end-users and deployed as a last line of defense agai...
Intrusion Detection Systems Based on Artificial Intelligence Techniques in Wireless Sensor Networks
Intrusion detection system (IDS) is regarded as the second line of defense against network anomalies and threats. IDS plays an important role in network security. There are many techniques which are used to design IDSs for specific scenario and applications. Artificial intelligence techniques are widely used for threats detection. This paper presents a critical study on genetic algorithm, artifi...
Journal title:
Volume Issue
Pages -
Publication date 2017