Loading [a11y]/accessibility-menu.js
Unsupervised Time-Series based Anomaly Detection in ICS/SCADA Networks | IEEE Conference Publication | IEEE Xplore

Unsupervised Time-Series based Anomaly Detection in ICS/SCADA Networks


Abstract:

Traditionally, Industrial Control Systems (ICS) have been operated as air-gapped networks, without a necessity to connect directly to the Internet. With the introduction ...Show More

Abstract:

Traditionally, Industrial Control Systems (ICS) have been operated as air-gapped networks, without a necessity to connect directly to the Internet. With the introduction of the Internet of Things (IoT) paradigm, along with the cloud computing shift in traditional IT environments, ICS systems went through an adaptation period in the recent years, as the Industrial Internet of Things (IIoT) became popular. ICS systems, also called Cyber-Physical-Systems (CPS), operate on physical devices (i.e., actuators, sensors) at the lowest layer. An anomaly that effect this layer, could potentially result in physical damage. Due to the new attack surfaces that came about with IIoT movement, precise, accurate, and prompt intrusion/anomaly detection is becoming even more crucial in ICS. This paper proposes a novel method for real-time intrusion/anomaly detection based on a cyber-physical system network traffic. To evaluate the proposed anomaly detection method’s efficiency, we run our implementation against a network trace taken from a Secure Water Treatment Testbed (SWAT) of iTrust Laboratory at Singapore.
Date of Conference: 31 October 2021 - 02 November 2021
Date Added to IEEE Xplore: 25 November 2021
ISBN Information:
Conference Location: Dubai, United Arab Emirates

I. Introduction

The issue of Anomaly/outlier Detection (AD) in networking and various cyber-physical systems continues to be one major research question today. Various data types such as timeseries, network packet-captures, and event-based data streams have been used in functionally diverse systems to detect anomalous event in real-time [1], [2]. Most results report anomaly detection from additional meta-data as conferred by machine learning-based methods.

Contact IEEE to Subscribe

References

References is not available for this document.