Anomaly Based IDS Via Customised CUSUM Algorithm for Industrial Communication Systems

Ashraf Ali, Andrew Ware

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

Industrial communication and applications have become more connected to the internet due to the enhancement of new 5G based technologies such as the Internet of Things (IoT), cloud computing, Big Data, remote monitoring, and industrial automation techniques. Such improvement has made factory plants more exposed to conventional and new cybersecurity threats. Unfortunately, the advancement in the production cycle elements has not been accompanied by similar progress in developing customised security solutions dedicated to industrial communication systems deployed inside the factory plant. This paper presents a new framework and mechanism that utilise existing components to provide feedback information that reflects the factory components' operation mode and load state. This enables anomaly-based behaviour of the system to be detected. A customised Cumulative Sum (CUSUM) with adaptive thresholds is proposed as part of the detection mechanism deployed by the IDS.
Original languageEnglish
Title of host publication2021 3rd IEEE Middle East and North Africa COMMunications Conference (MENACOMM)
PublisherInstitute of Electrical and Electronics Engineers
Pages31-36
ISBN (Electronic)978-1-6654-3443-0 , 978-1-6654-3444-7
DOIs
Publication statusPublished - 3 Dec 2021
Event2021 3rd IEEE Middle East and North Africa COMMunications Conference (MENACOMM) - Agadir, Morocco
Duration: 3 Dec 20215 Dec 2021

Conference

Conference2021 3rd IEEE Middle East and North Africa COMMunications Conference (MENACOMM)
Period3/12/215/12/21

Keywords

  • ICS
  • IDS
  • PLC
  • Security
  • industrial
  • SCADA
  • CUSUM

Fingerprint

Dive into the research topics of 'Anomaly Based IDS Via Customised CUSUM Algorithm for Industrial Communication Systems'. Together they form a unique fingerprint.

Cite this