Dr. WATTson: Lightweight current-based Intrusion Detection (CBID)
Title | Dr. WATTson: Lightweight current-based Intrusion Detection (CBID) |
Publication Type | Conference Paper |
Year of Publication | 2016 |
Authors | Koch, R., Kühn, T., Odenwald, M., Rodosek, G. Dreo |
Conference Name | 2016 14th Annual Conference on Privacy, Security and Trust (PST) |
Date Published | dec |
ISBN Number | 978-1-5090-4379-8 |
Keywords | Batteries, behavior-based detection, CBID, composability, computer network security, Current Drain Intrusion Detection, Current measurement, Data Breach, Dr. WATTson, false alarm rate, ICs, IDS, industrial control, industrial control systems, integrated circuits, Internet, Intrusion detection, knowledge-based detection, lightweight current-based IDS, lightweight current-based intrusion detection, Power measurement, pubcrawl, resilience, Resiliency, SCADA, SCADA systems, Tamper resistance, Tamper-Resistance, Voltage Characteristics, Voltage measurement |
Abstract | Intrusion detection has been an active field of research for more than 35 years. Numerous systems had been built based on the two fundamental detection principles, knowledge-based and behavior-based detection. Anyway, having a look at day-to-day news about data breaches and successful attacks, detection effectiveness is still limited. Even more, heavy-weight intrusion detection systems cannot be installed in every endangered environment. For example, Industrial Control Systems are typically utilized for decades, charging off huge investments of companies. Thus, some of these systems have been in operation for years, but were designed afore without security in mind. Even worse, as systems often have connections to other networks and even the Internet nowadays, an adequate protection is mandatory, but integrating intrusion detection can be extremely difficult - or even impossible to date. We propose a new lightweight current-based IDS which is using a difficult to manipulate measurement base and verifiable ground truth. Focus of our system is providing intrusion detection for ICS and SCADA on a low-priced base, easy to integrate. Dr. WATTson, a prototype implemented based on our concept provides high detection and low false alarm rates. |
URL | https://ieeexplore.ieee.org/document/7906923/ |
DOI | 10.1109/PST.2016.7906923 |
Citation Key | koch_dr._2016 |
- internet
- Voltage measurement
- Voltage Characteristics
- Tamper-Resistance
- Tamper resistance
- SCADA systems
- SCADA
- Resiliency
- resilience
- pubcrawl
- Power measurement
- lightweight current-based intrusion detection
- lightweight current-based IDS
- knowledge-based detection
- Intrusion Detection
- batteries
- integrated circuits
- Industrial Control Systems
- industrial control
- IDS
- ICs
- false alarm rate
- Dr. WATTson
- Data Breach
- Current measurement
- Current Drain Intrusion Detection
- computer network security
- composability
- CBID
- behavior-based detection