28 research outputs found

    Discussing the Feasibility of Acoustic Sensors for Side Channel-aided Industrial Intrusion Detection: An Essay

    Full text link
    The fourth industrial revolution leads to an increased use of embedded computation and intercommunication in an industrial environment. While reducing cost and effort for set up, operation and maintenance, and increasing the time to operation or market respectively as well as the efficiency, this also increases the attack surface of enterprises. Industrial enterprises have become targets of cyber criminals in the last decade, reasons being espionage but also politically motivated. Infamous attack campaigns as well as easily available malware that hits industry in an unprepared state create a large threat landscape. As industrial systems often operate for many decades and are difficult or impossible to upgrade in terms of security, legacy-compatible industrial security solutions are necessary in order to create a security parameter. One plausible approach in industry is the implementation and employment of side-channel sensors. Combining readily available sensor data from different sources via different channels can provide an enhanced insight about the security state. In this work, a data set of an experimental industrial set up containing side channel sensors is discussed conceptually and insights are derived

    Time is of the Essence: Machine Learning-based Intrusion Detection in Industrial Time Series Data

    Full text link
    The Industrial Internet of Things drastically increases connectivity of devices in industrial applications. In addition to the benefits in efficiency, scalability and ease of use, this creates novel attack surfaces. Historically, industrial networks and protocols do not contain means of security, such as authentication and encryption, that are made necessary by this development. Thus, industrial IT-security is needed. In this work, emulated industrial network data is transformed into a time series and analysed with three different algorithms. The data contains labeled attacks, so the performance can be evaluated. Matrix Profiles perform well with almost no parameterisation needed. Seasonal Autoregressive Integrated Moving Average performs well in the presence of noise, requiring parameterisation effort. Long Short Term Memory-based neural networks perform mediocre while requiring a high training- and parameterisation effort.Comment: Extended version of a publication in the 2018 IEEE International Conference on Data Mining Workshops (ICDMW
    corecore