TY - GEN
T1 - Machine learning-based defense against process-aware attacks on Industrial Control Systems
AU - Keliris, Anastasis
AU - Salehghaffari, Hossein
AU - Cairl, Brian
AU - Krishnamurthy, Prashanth
AU - Maniatakos, Michail
AU - Khorrami, Farshad
N1 - Publisher Copyright: © 2016 IEEE.
PY - 2016/7/2
Y1 - 2016/7/2
N2 - The modernization of Industrial Control Systems (ICS), primarily targeting increased efficiency and controllability through integration of Information Technologies (IT), introduced the unwanted side effect of extending the ICS cyber-security threat landscape. ICS are facing new security challenges and are exposed to the same vulnerabilities that plague IT, as demonstrated by the increasing number of incidents targeting ICS. Due to the criticality and unique nature of these systems, it is important to devise novel defense mechanisms that incorporate knowledge of the underlying physical model, and can detect attacks in early phases. To this end, we study a benchmark chemical process, and enumerate the various categories of attack vectors and their practical applicability on hardware controllers in a Hardware-In-The-Loop testbed. Leveraging the observed implications of the categorized attacks on the process, as well as the profile of typical disturbances, we follow a data-driven approach to detect anomalies that are early indicators of malicious activity.
UR - http://www.scopus.com/inward/record.url?scp=85013932114&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85013932114&partnerID=8YFLogxK
U2 - 10.1109/TEST.2016.7805855
DO - 10.1109/TEST.2016.7805855
M3 - Conference contribution
AN - SCOPUS:85013932114
T3 - Proceedings - International Test Conference
BT - Proceedings - 2016 IEEE International Test Conference, ITC 2016
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 47th IEEE International Test Conference, ITC 2016
Y2 - 15 November 2016 through 17 November 2016
ER -