1. A novel online state-based anomaly detection system for process control networks.
- Author
- Farsi, Hamed, Fanian, Ali, and Taghiyarrenani, Zahra
- Abstract
Industrial control networks are the core part of critical infrastructures such as the power grid and oil refineries. In recent years, the number of cyber-attacks on industrial control networks has been growing. Moreover, connecting industrial networks to the public network makes these critical infrastructures more vulnerable to cyber-attacks. Therefore, improving the security of these networks has attracted much attention. To protect industrial control networks, the proposed online method is able to detect anomalies with low computational time while not using prior knowledge about the system and anomalies. This method can adjust the severity of detection in order to efficiently detect changes which lead to anomalies, and it can also adapt to inevitable network changes by updating the anomaly threshold using the latest normal states. The proposed method finds anomalies in the network using high-pass filters and the Euclidean distance of the current state from the latest states. To evaluate the efficiency of the proposed approach, a boiler control system is simulated and three test datasets are provided from this simulation. The proposed intrusion detection system was evaluated through these datasets, as well as the SWaT dataset. The results show that the proposed approach not only is highly effective for detecting anomalies, but also is adaptable to the normal variations in the network. [ABSTRACT FROM AUTHOR]
- Published
- 2019