Physics Reasoning for Intrusion Detection in Industrial Networks

Mohammad Yahya, Nasir Sharaf, Julian L. Rrushi, Ho Ming Tay, Bing Liu, Kai Xu

2020 Second IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications (TPS-ISA) (2020)

Abstract
Industrial control systems (ICS) exchange network traffic carrying payloads that are closely related to the physics of industrial equipment and processes. We leverage this factor to develop a machine reasoning approach that inspects network packet payloads in terms of their relationship to physics. We found that exploits and malware are unambiguously detected, since they inject machine instructions, addresses, and other data that clearly depart from physics. We developed an ontology integrated with the knowledge of physics, which we tested against exploits of a large number of public vulnerabilities that affect industrial control systems. We also ran our approach in several case studies that involved ICS control of an electrical motor, which we describe in the paper.
Keywords
Intrusion detection, industrial control systems, knowledge representation and reasoning, semantic web rule language