Process-Aware Model-based Intrusion Detection System on Filtering Approach: Further Investigations
| Autor: | Eric Zamaï, Franck Sicard, Cedric Escudero, Amaury Beaudet |
|---|---|
| Přispěvatelé: | Gestion et Conduite des Systèmes de Production (G-SCOP_GCSP), Laboratoire des sciences pour la conception, l'optimisation et la production (G-SCOP), Centre National de la Recherche Scientifique (CNRS)-Université Grenoble Alpes (UGA)-Institut polytechnique de Grenoble - Grenoble Institute of Technology (Grenoble INP ), Université Grenoble Alpes (UGA)-Centre National de la Recherche Scientifique (CNRS)-Université Grenoble Alpes (UGA)-Institut polytechnique de Grenoble - Grenoble Institute of Technology (Grenoble INP ), Université Grenoble Alpes (UGA), Ampère, Département Méthodes pour l'Ingénierie des Systèmes (MIS), Ampère (AMPERE), École Centrale de Lyon (ECL), Université de Lyon-Université de Lyon-Université Claude Bernard Lyon 1 (UCBL), Université de Lyon-Institut National des Sciences Appliquées de Lyon (INSA Lyon), Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Centre National de la Recherche Scientifique (CNRS)-Institut National de Recherche pour l’Agriculture, l’Alimentation et l’Environnement (INRAE)-École Centrale de Lyon (ECL), Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Centre National de la Recherche Scientifique (CNRS)-Institut National de Recherche pour l’Agriculture, l’Alimentation et l’Environnement (INRAE) |
| Jazyk: | angličtina |
| Rok vydání: | 2020 |
| Předmět: |
Discrete-Event System
Process-aware Model-based Detection Cybersecurity Process (engineering) Computer science Computation Distributed computing Integrated circuits 02 engineering and technology Intrusion detection system Intrusions Detection Systems Industrial Control System [SPI]Engineering Sciences [physics] 0202 electrical engineering electronic engineering information engineering Process control Intrusion detection Intrusion Detection Indicators Testbed 020206 networking & telecommunications Computational modeling Industrial control system Filter (signal processing) Signature (logic) 020201 artificial intelligence & image processing Filtering algorithms Actuators |
| Zdroj: | ICIT 2020-IEEE International Conference on Industrial Technology ICIT 2020-IEEE International Conference on Industrial Technology, Feb 2020, Buenos Aires, Argentina. pp.310-315, ⟨10.1109/ICIT45562.2020.9067195⟩ ICIT |
| DOI: | 10.1109/ICIT45562.2020.9067195⟩ |
| Popis: | International audience; Against new emerging cyber-threats targeting Industrial Control Systems (ICSs), Intrusion Detection Systems (IDSs) have emerged as viable solutions for implementing signature or behavioural approaches. The Security Approach based on Filter Execution (S.A.F.E.), a process-aware model-based IDS, deploys detection mechanisms through the implementation of command and report filters close to the process under control. Based on the S.A.F.E. approach, this paper proposes its improvement and novel contributions: a report filter modelling, optimization algorithms for speeding up the computation of the detection indicators and an implementation on a real testbed. |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|