Abstract
To reduce cost and ease maintenance, industrial control systems (ICS) have adopted Ethernetbased interconnections that integrate operational technology (OT) systems with information technology (IT) networks. This integration has made these critical systems vulnerable to attack. Security solutions tailored to ICS environments are an active area of research. Anomalybased network intrusion detection systems are well-suited for these environments. Often these systems must be optimized for their specific environment. In prior work, we introduced a method for assessing the impact of various anomaly-based network IDS settings on security. This paper reviews the experimental outcomes when we applied our method to a full-scale ICS test bed using actual attacks. Our method provides new and valuable data to operators enabling more informed decisions about IDS configurations.
Original language | English |
---|---|
Title of host publication | Proceedings - 21st IEEE International Symposium on a World of Wireless, Mobile and Multimedia Networks, WoWMoM 2020 |
Publisher | Institute of Electrical and Electronics Engineers Inc. |
Pages | 360-366 |
Number of pages | 7 |
ISBN (Electronic) | 9781728173740 |
DOIs | |
State | Published - Aug 2020 |
Event | 21st IEEE International Symposium on a World of Wireless, Mobile and Multimedia Networks, WoWMoM 2020 - Virtual, Cork, Ireland Duration: Aug 31 2020 → Sep 3 2020 |
Publication series
Name | Proceedings - 21st IEEE International Symposium on a World of Wireless, Mobile and Multimedia Networks, WoWMoM 2020 |
---|
Conference
Conference | 21st IEEE International Symposium on a World of Wireless, Mobile and Multimedia Networks, WoWMoM 2020 |
---|---|
Country/Territory | Ireland |
City | Virtual, Cork |
Period | 08/31/20 → 09/3/20 |
Funding
This manuscript has been co-authored by UT-Battelle, LLC under Contract No. DE-AC05-00OR22725 with the US DOE. The United States Government retains and the publisher, by accepting the article for publication, acknowledges that the United States Government retains a non-exclusive, paid-up, irrevocable, world-wide license to publish or reproduce the published form of this manuscript, or allow others to do so, for United States Government purposes. The DOE will provide public access to these results of federally sponsored research in accordance with the DOE Public Access Plan (http://energy.gov/downloads/doe-public-access-plan). Thank you, L. Anderson, M. Rice and reviewers whose support and comments helped to ensure this document was both accurate and intelligible. This material is based on research sponsored by the Laboratory Directed Research and Development Program of Oak Ridge National Laboratory, managed by UT-Battelle, LLC, for the U. S. Department of Energy.
Keywords
- assessment
- industrial control systems
- intrusion detection systems
- risk quantification