Cloud Based Intrusion Detection and Prevention System for Industrial Control Systems Using Software Defined Networking | IEEE Conference Publication | IEEE Xplore

Abstract:

Industrial control systems (ICS) are becoming more integral to modern life as they are being integrated into critical infrastructure. These systems typically lack application layer encryption, and the placement of common network intrusion services leaves large blind spots. We propose a novel architecture, Cloud Based Intrusion Detection and Prevention System (CB-IDPS), to detect and prevent threats in ICS networks by using software defined networking (SDN) to route traffic to the cloud for inspection using network function virtualization (NFV) and service function chaining. CB-IDPS uses Amazon Web Services to create a virtual private cloud for packet inspection. The CB-IDPS framework is designed with consideration for ICS delay constraints, dynamic traffic routing, scalability, resilience, and visibility. CB-IDPS is presented in the context of a micro grid energy management system as the test case to prove that the latency of CB-IDPS is within acceptable delay thresholds. The implementation of CB-IDPS uses the OpenDaylight software for the SDN controller and commonly used network security tools such as Zeek and Snort. To our knowledge, this is the first attempt at using NFV in an ICS context for network security.
Date of Conference: 04-07 November 2019
Date Added to IEEE Xplore: 30 January 2020
Conference Location: San Antonio, TX, USA
