The Nuts and Bolts of Deploying Process-Level IDS in Industrial Control Systems
- Almgren, Magnus, 1972 (author)
- Chalmers tekniska högskola, Chalmers University of Technology
- Aoudi, Wissam, 1983 (author)
- Chalmers tekniska högskola, Chalmers University of Technology
- Gustafsson, Robert (author)
- Chalmers tekniska högskola, Chalmers University of Technology
- Krahl, Robin (author)
- Albert-Ludwigs-Universität Freiburg, University of Freiburg
- Lindhe, Andreas (author)
- 2018-12-04
- 2018
- English.
- In: ACM International Conference Proceeding Series. New York, NY, USA: ACM, pp. 17-24
- Related link:
- https://research.cha... (primary) (free)
- https://research.cha...
- https://doi.org/10.1...
- https://research.cha...
- https://research.cha...
Abstract
- Much research effort has recently been devoted to securing Industrial Control Systems (ICS) in response to the increasing number of adverse incidents targeting nation-wide critical infrastructures. Leveraging the static and regular nature of the behavior of control systems, various data-driven methods that monitor the process-level network have been proposed as a defensive measure. Although these methods have been evaluated through offline analysis of ICS-related datasets, in absence of documented live experiments in real environments, a complete and global understanding of the applicability and efficiency of process-level monitoring is still lacking. In this work, we describe our experience of running a fully fledged intrusion detection system in an operational paper factory for 75 days. We discuss the nuts and bolts of running such systems in real environments and underline several practical challenges in meeting ICS-specific requirements. This work essentially aims at bridging the gap between ICS intrusion detection research and practice, and empirically validating the increasingly adopted data-driven approach to process-level monitoring.
Subject headings
- ENGINEERING AND TECHNOLOGY -- Electrical Engineering, Electronic Engineering, Information Engineering -- Embedded Systems (hsv//eng)
- NATURAL SCIENCES -- Computer and Information Sciences -- Computer Sciences (hsv//eng)
- ENGINEERING AND TECHNOLOGY -- Electrical Engineering, Electronic Engineering, Information Engineering -- Computer Systems (hsv//eng)
Keywords
- Process-Level Analysis
- Cyber-Physical Systems
- Industrial Control Systems
- Intrusion Detection
- PASAD
- Deployment
Publication and content type
- kon (subject category)
- ref (subject category)