Last Line of Defense

A Novel IDS Approach Against Advanced Threats in Industrial Control Systems

Conference Paper (2017)
Author(s)

Mark Luchs (TU Delft - Cyber Security)

C. Dörr (TU Delft - Cyber Security)

Research Group
Cyber Security
DOI related publication
https://doi.org/10.1007/978-3-319-60876-1_7
Publication Year
2017
Language
English
Pages (from-to)
141-160
ISBN (print)
978-3-319-60875-4
ISBN (electronic)
978-3-319-60876-1

Abstract

Industrial control systems are becoming increasingly interconnected, and with it their vulnerability to malicious actors. While intrusion detection systems are suited to detect network-based attacks, they remain unable to detect more sophisticated attacks against control systems, for example a compromise of the PLCs. This paper makes the case that the evolving landscape of threats such as the Stuxnet malware requires an alternative approach to intrusion detection in industrial control systems. We argue that effective control of such advanced threats needs to happen in the last link of the control network, hence building a last line of defense. A proof of concept of this new paradigm was implemented for the control system of a dredging vessel, and we describe main lessons learned and pose open research questions we find based on these experiences for ICS intrusion detection.

No files available

Metadata only record. There are no files for this record.