
Intrusion and Anomaly Detection in Industrial Automation and Control Systems

Bibliographic details
Main author: Rosa, Luis
Publication date: 2023
Other authors: Cruz, Tiago J., Simões, Paulo, Monteiro, Edmundo
Document type: Article
Language: eng
Source title: Repositórios Científicos de Acesso Aberto de Portugal (RCAAP)
Full text: https://hdl.handle.net/10316/114477
https://doi.org/10.1109/NOMS56928.2023.10154432
Abstract: In the domain of Industrial Automation and Control Systems (IACS), security was traditionally downplayed to a certain extent, as it was originally deemed an exclusive concern of Information and Communications Technology (ICT) systems. The myth of the air-gap, as well as other preconceived notions about implicit IACS security, constituted dangerous fallacies that were debunked once successful attacks became known. Ultimately, the industry started shifting away from this dangerous mindset, discussing how to properly secure those systems. In many ways, IACS security should not be treated differently from modern ICT security. For sure, IACS have distinct characteristics, assets, protocols and even priorities that should be considered – but security should never be an optional concern. In this publication, we present the main results of a PhD dissertation that proposes a holistic and data-driven framework capable of leveraging distinct techniques to increase situational awareness and provide continuous and near real-time monitoring of IACS. For such purposes, it proposes an evolution of the Security Information and Event Management (SIEM) concept, geared towards providing a unified security data monitoring solution by leveraging recent advances in the field of real-time Big Data analytics. In the same way, the most recent machine-learning-based anomaly-detection techniques (which are becoming increasingly prominent in the cybersecurity field) are also analyzed and studied to understand their benefits for developing and advancing IACS cyber-intrusion detection processes.
id RCAP_07ac49c15788ca72d16d9cf20db0707c
oai_identifier_str oai:estudogeral.uc.pt:10316/114477
network_acronym_str RCAP
network_name_str Repositórios Científicos de Acesso Aberto de Portugal (RCAAP)
repository_id_str https://opendoar.ac.uk/repository/7160
Funding: H2020 ATENA (H2020-DS-2015-1 Project 700581) and P2020 Smart5Grid (co-funded by FEDER - Competitiveness and Internationalization Operational Program (COMPETE 2020), Portugal 2020 framework)
dc.subject.por.fl_str_mv Industrial Automation and Control Systems
Cybersecurity
Intrusion Detection
Real-Time Big Data Analytics
SCADA Networks
dc.type.status.fl_str_mv info:eu-repo/semantics/publishedVersion
dc.type.driver.fl_str_mv info:eu-repo/semantics/article
format article
status_str publishedVersion
dc.rights.driver.fl_str_mv info:eu-repo/semantics/openAccess
eu_rights_str_mv openAccess
dc.publisher.none.fl_str_mv IEEE
dc.source.none.fl_str_mv reponame:Repositórios Científicos de Acesso Aberto de Portugal (RCAAP)
instname:FCCN, serviços digitais da FCT – Fundação para a Ciência e a Tecnologia
instacron:RCAAP
repository.mail.fl_str_mv info@rcaap.pt