Assessing Anomaly-Based Intrusion Detection Configurations for Industrial Control Systems
Title | Assessing Anomaly-Based Intrusion Detection Configurations for Industrial Control Systems |
Publication Type | Conference Paper |
Year of Publication | 2020 |
Authors | Gillen, R. E., Carter, J. M., Craig, C., Johnson, J. A., Scott, S. L. |
Conference Name | 2020 IEEE 21st International Symposium on "A World of Wireless, Mobile and Multimedia Networks" (WoWMoM) |
Date Published | Sept. 2020 |
Publisher | IEEE |
ISBN Number | 978-1-7281-7374-0 |
Keywords | anomaly-based intrusion detection configurations, anomaly-based network IDS settings, assessment, computer network security, control engineering computing, cost reduction, Electronic mail, Ethernet based interconnections, full-scale ICS test bed, Government, ICs, ICS Anomaly Detection, industrial control, industrial control systems, information technology network, integrated circuits, Intrusion detection, Intrusion Detection Systems, Local area networks, maintenance, maintenance engineering, operational technology systems, Production, production engineering computing, pubcrawl, resilience, Resiliency, risk quantification, Scalability |
Abstract | To reduce cost and ease maintenance, industrial control systems (ICS) have adopted Ethernet-based interconnections that integrate operational technology (OT) systems with information technology (IT) networks. This integration has made these critical systems vulnerable to attack. Security solutions tailored to ICS environments are an active area of research. Anomaly-based network intrusion detection systems are well-suited for these environments. Often these systems must be optimized for their specific environment. In prior work, we introduced a method for assessing the impact of various anomaly-based network IDS settings on security. This paper reviews the experimental outcomes when we applied our method to a full-scale ICS test bed using actual attacks. Our method provides new and valuable data to operators enabling more informed decisions about IDS configurations. |
URL | https://ieeexplore.ieee.org/document/9217655 |
DOI | 10.1109/WoWMoM49955.2020.00067 |
Citation Key | gillen_assessing_2020 |