Abstract

Highly notable cyber-attacks, such as Stuxnet [1] and the Maroochy attack [3], have targeted critical infrastructure, manipulating physical processes to cause harm. This work presents a payload analysis-based Intrusion Prevention System (IPS) that detects similar attacks by predicting what harm they could cause to the physical process. The IPS developed is called the Embedded Process Prediction Intrusion Prevention System (EPPIPS). EPPIPS examines incoming command packets and ladder logic programs that are destined for a Programmable Logic Controller (PLC) that interacts with a physical process. If EPPIPS predicts these packets or programs to be harmful, EPPIPS can potentially prevent or limit the harm. EPPIPS resides inside the PLC itself as a proxy process between the actual PLC process and the network. The purpose of this approach is to serve as the innermost layer of defense, relative to the PLC, against cyber-attacks in a defense-in-depth strategy. The metrics used to evaluate the results in this work included latency and the accuracy of the predictions.
