Abstract
Increasing number of physical systems being connected to the internet raises security concerns about the possibility of cyber-attacks that can cause severe physical damage. Signature-based malware protection can detect known hazards, but cannot protect against new attacks with unknown attack signatures. Anomaly detection mechanisms are often used in combination with signature-based anti-viruses, however, they too have a weakness of triggering on any new previously unseen activity, even if the activity is legitimate. In this paper, we present a solution to the problem of protecting an industrial process from cyber attacks, having robotic manufacture facilities with automated guided vehicles (AGVs) as our use case. Our solution combines detection of danger signals with anomaly detection in order to minimize mis-labelling of legitimate new behaviour as dangerous.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Cani, A., Gaudesi, M., Sanchez, E., Squillero, G., Tonda, A.: Towards automated malware creation: code generation and code integration. In: Proceedings of the 29th Annual ACM Symposium on Applied Computing, pp. 157–160. ACM (2014)
Forrest, S., Perelson, A.S., Allen, L., Cherukuri, R.: Self-nonself discrimination in a computer. In: 2012 IEEE Symposium on Security and Privacy, p. 202. IEEE Computer Society (1994)
fr Sicherheit in der Informationstechnik (BSI), B.: Die lage der it-sicherheitin deutschland (2014). https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/Lageberichte/Lagebericht2014.pdf?__blob=publicationFile
Kim, J., Bentley, P.J., Aickelin, U., Greensmith, J., Tedesco, G., Twycross, J.: Immune system approaches to intrusion detection-a review. Natural Comput. 6(4), 413–466 (2007)
Langner, R.: Stuxnet: dissecting a cyberwarfare weapon. Secur. Priv. IEEE 9(3), 49–51 (2011)
Manber, U., et al.: Finding similar files in a large file system. In: Usenix Winter, vol. 94, pp. 1–10 (1994)
Matzinger, P.: Tolerance, danger, and the extended family. Annu. Rev. Immunol. 12(1), 991–1045 (1994)
Petit, J., Shladover, S.: Potential cyberattacks on automated vehicles. IEEE Trans. Intell. Transp. Syst. 16(2), 546–556 (2015)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2016 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Degeler, V., French, R., Jones, K. (2016). Combined Danger Signal and Anomaly-Based Threat Detection in Cyber-Physical Systems. In: Mandler, B., et al. Internet of Things. IoT Infrastructures. IoT360 2015. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 169. Springer, Cham. https://doi.org/10.1007/978-3-319-47063-4_3
Download citation
DOI: https://doi.org/10.1007/978-3-319-47063-4_3
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-47062-7
Online ISBN: 978-3-319-47063-4
eBook Packages: Computer ScienceComputer Science (R0)