Capturing-the-Invisible (CTI): Behavior-based Attacks Recognition in IoT-oriented Industrial Control Systems

Akashdeep Bhardwaj, Fadi Al-Turjman, Manoj Kumar, Thompson Stephan, Leonardo Mostarda
2020 IEEE Access  
Industrial Control Systems monitor, automate, and operate complex infrastructure and processes that integrate into critical industrial sectors that affect our daily lives. With the advent of networking and automation, these systems have moved from being dedicated and independent to centralized corporate infrastructure. While this has facilitated the monitoring and overall management using traditional detection methods, Web Application Firewalls or Intrusion Detection Systems has exposed the
... orks subjecting them to Behavior-based cybersecurity attacks. Such attacks alter the control flow and processes and have the malicious ability to alter the functioning of these systems altogether. This research focuses on the use of process analytics to detect attacks in the industrial control infrastructure systems and compares the effectiveness of signature-based detection methods. The proposed work presents a pattern recognition algorithm aptly named as "Capturing-the-Invisible (CTI)" to find the hidden process in industrial control device logs and detect Behavior-based attacks being performed in real-time.

INDEX TERMS: Industrial control systems, cyberattacks, behavior detection, signatures.

This work is licensed under a Creative Commons Attribution 4.0 License. VOLUME 8, 2020
doi:10.1109/access.2020.2998983 fatcat:ygvaltmpyza6zfqhdkmrxohtrq