Abstract
In this paper, the author proposes a methodology to perform comparison and validation of proposed intrusion detection and prevention systems (IDS/IPSs) designed for cyber-physical systems (CPSs). This approach consists of a software model of a CPS, as well as a variety of sample cyber attacks and a metric for comparing IDS/IPS performance. Securing critical infrastructure from cyber attack is an important step in reducing the likelihood of a system failure and the resulting losses of property and human life. Independent review is necessary in the scientific research process to determine the viability of proposed solutions, their reproducibility, and their usefulness when compared to other potential defenses. The design of the model and test attacks are complex enough to show their impacts, yet simplistic enough to allow researchers to easily reproduce them and to focus instead on the results of their testing.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Barbará, D., Wu, N., Jajodia, S.: Detecting novel network intrusions using Bayes estimators. In: Proceedings of Siam Conference on Data Mining (2001)
Pan, S., Morris, T., Adhikari, U.: A specification-based intrusion detection framework for cyber-physical environment in electric power system. Int. J. Netw. Secur. 17(2), 174–188 (2015)
Garitano, I., et al.: A review of SCADA anomaly detection systems. In: 6th International Conference SOCO - Soft Computing Models in Industrial and Environmental Applications, pp. 357–366 (2011)
Fovino, I.N., et al.: Modbus/DNP3 state-based intrusion detection system. In: 24th IEEE International Conference on Advanced Information Networking and Applications, pp. 729–736 (2010)
Adhikari, U., Morris, T., Pan, S.: Applying non-nested generalized exemplars classification for cyber-power event and intrusion detection. IEEE Trans. Smart Grid 9(5), 3928–3941 (2018)
Yang, D., Usynin, A., Hines, J.W.: Anomaly-based intrusion detection for SCADA systems. In: Proceedings of the 5th International Topical Meeting on Nuclear Plant Instrumentation Controls, and Human Machine Interface Technology, pp. 797–803, 12–16 November 2006
Alves, T., Morris, T.: OpenPLC: an IEC 61131-3 compliant open source industrial controller for cyber security research. Comput. Secur. 78, 364–379 (2018)
Düssel, P., et al.: Cyber-critical infrastructure protection using real-time payload-based anomaly detection. In: Rome, E., Bloomfield, R. (eds.) Critical Information Infrastructures Security (CRITIS). LNCS, vol. 6027. Springer, Heidelberg (2009)
Richey, D.J.: Leveraging PLC ladder logic for signature based IDS rule generation. MS thesis, Mississippi State University, Starkville (2016)
Gao, W.: Cyberthreats, attacks and intrusion detection in supervisory control and data acquisition networks. Ph.D. dissertation, Mississippi State University, Starkville (2013)
Denning, D.: An intrusion-detection model. IEEE Trans. Softw. Eng. SE-13(2), 222–232 (1987)
Igure, V., Laughter, S., Williams, R.: Security issues in SCADA networks. Comput. Secur. 25, 498–506 (2006)
Alves, T., Das, R., Morris, T.: Virtualization of industrial control system testbeds for cybersecurity. Presented at ICSS 2016, Los Angeles, CA, USA, 06 December 2016 (2016)
Morris, T., et al.: A control system testbed to validate critical infrastructure protection concepts. Int. J. Crit. Infrastruct. Prot. 4, 88–103 (2011)
Alves, T.: OpenPLC: towards a fully open and secure programmable logic controller. Ph.D. dissertation, ECE, UAH, Huntsville (2019)
John, K., Tiegelkamp, M.: IEC 61131-3: Programming Industrial Automation Systems. Springer, Heidelberg (1993)
Zhu, B., Sastry, S.: SCADA-specific intrusion detection/prevention systems: a survey and taxonomy. In: Proceedings of Workshop on Secure Control System (2010)
ScadaBR: Principle Functionalities (in Portuguese). http://www.scadabr.com.br/. Accessed 5 Mar 2019
Zhu, B.: A taxonomy of cyber attacks on SCADA systems. In: Proceedings of the 2011 International Conference on Internet of Things and 4th International Conference on Cyber, Physical and Social Computing, pp. 380–388 (2011)
Mitchell, R., Chen, I.: A survey of intrusion detection techniques for cyber-physical systems. ACM Comput. Surv. (CSUR) 46(4), Article no. 55 (2014)
Nayak, G., Samaddar, S.: Different flavours of man-in-the-middle attack, consequences and feasible solutions. In: 2010 3rd International Conference on Computer Science and Information Technology, Chengdu, China, 9–11 July 2010 (2010)
Ettercap: Homepage. https://www.ettercap-project.org/. Accessed 10 Mar 2018
Plummer, D.: An ethernet address resolution protocol. Network Working Group Request For Comments: 826, November 1982
Papp, D., et al.: Embedded systems security: threats, vulnerabilities, and attack taxonomy. In: 2015 13th Annual Conference on Privacy, Security and Trust (PST) (2015)
Reaves, B., Morris, T.: Analysis and mitigation of vulnerabilities in short-range wireless communications for industrial control systems. Int. J. Crit. Infrastruct. Prot. 5(3–4), 154–174 (2012)
Alves, T., Das, R., Morris, T.: Embedding encryption and machine learning intrusion prevention systems on programmable logic controllers. IEEE Embedded Syst. Lett. 10(3), 99–102 (2018)
abatishkev: LOIC. SourceForge: https://sourceforge.net/projects/loic/. Accessed 24 Apr 2019
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Griffith, S., Morris, T.H. (2020). Using Modeled Cyber-Physical Systems for Independent Review of Intrusion Detection Systems. In: Choo, KK., Morris, T., Peterson, G. (eds) National Cyber Summit (NCS) Research Track. NCS 2019. Advances in Intelligent Systems and Computing, vol 1055. Springer, Cham. https://doi.org/10.1007/978-3-030-31239-8_10
Download citation
DOI: https://doi.org/10.1007/978-3-030-31239-8_10
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-31238-1
Online ISBN: 978-3-030-31239-8
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)