+1 Recommend
1 collections
      • Record: found
      • Abstract: found
      • Conference Proceedings: found
      Is Open Access

      On the Edge Realtime Intrusion Prevention System for DoS Attack


      1 , , Ph.D. 2 , , Ph.D. 1

      5th International Symposium for ICS & SCADA Cyber Security Research 2018 (ICS-CSR 2018)

      ICS & SCADA Cyber Security Research

      29 - 30 August 2018

      SCADA, ICS, on-the-edge Intrusion Prevention System, Denial-of-Service attack, Unsupervised Machine Learning



            Industrial control systems manage critical infrastructures that are immensely diverse and complicated. These highly linked critical infrastructures are made up of networks of industrial control system (ICS) each responsible for controlling critical processes. During its nascent stages the controllers in the ICS were built for robust operation in extreme industrial conditions, but little to no emphasis was placed on safeguarding the system against potential cyberthreats. The industrial networks having legacy controllers are air gapped from the enterprise network hence a centrally deployed NIDS in the same network of the trusted nodes is often used as the last line of defence against intrusions such as malicious activity or policy violation. Most cyber incidents in industrial control systems have witnessed the breach of the air gap and compromised trusted nodes. Hence this paper proposes an on-the-edge Intrusion Prevention System (IPS) that can detect and prevent Denial of Service (DoS) attack on the Programmable Logic Controllers (PLCs) from trusted nodes at real time. A novel attribute of our proposed framework is that it is generic in nature and can be used on any PLC irrespective of the critical infrastructure being controlled by it. A wide range of experimentation has been performed to validate the performance of our proposed IPS.


            Author and article information

            August 2018
            August 2018
            : 84-91
            [1 ]Department of Electrical and Computer Engineering, The University of Alabama in Huntsville, Huntsville, USA
            [2 ]Department of Computer Science, The University of Alabama in Huntsville, Huntsville, USA
            © Das et al. Published by BCS Learning and Development Ltd. Proceedings of ICS & SCADA 2018

            This work is licensed under a Creative Commons Attribution 4.0 Unported License. To view a copy of this license, visit http://creativecommons.org/licenses/by/4.0/

            5th International Symposium for ICS & SCADA Cyber Security Research 2018
            ICS-CSR 2018
            University of Hamburg, Germany
            29 - 30 August 2018
            Electronic Workshops in Computing (eWiC)
            ICS & SCADA Cyber Security Research
            Product Information: 1477-9358BCS Learning & Development
            Self URI (journal page): https://ewic.bcs.org/
            Electronic Workshops in Computing


            1. Threat Landscape Stakeholder Group “The Number Of ICS Attacks Continues To Increase Worldwide” Security Affairs N.p. 2017

            2. Security aspects of SCADA and DCS environments Critical Infrastructure Protection

            3. “Quickdraw Retrospective, Part #1” Digital Bond November 17 2009 http://www.digitalbond.com/2009/11/17/quickdraw-retrospective-part-1/; “Quickdraw Retrospective, Part #2” Digital Bond November 19 2009 http://www.digitalbond.com/2009/11/19/quickdraw-retrospective-part-2/;.

            4. 2017 An extended analysis of an IoT malware from a blackhole network 50), 13 15

            5. 2017 Understanding the Mirai Botnet Proceedings of the 26th USENIX Security Symposium 1093 1110 Retrieved from https://www.usenix.org/conference/usenixsecurit y17/technical-sessions/presentation/antonakakis

            6. 2016 Virtualization of Industrial Control System Testbeds for Cybersecurity Proceedings of the 2nd Annual Industrial Control System Security Workshop on - ICSS ’16 10 14 http://doi.org/10.1145/3018981.3018988

            7. “OpenPLC: An open source alternative to automation” in 2014 IEEE Global Humanitarian Technology Conference (GHTC) 585 589 Oct. 2014 10.1109/GHTC.2014.6970342

            8. “A taxonomy of cyber attacks on SCADA systems” In Internet of things (iThings/CPSCom), 2011 international conference on and 4th international conference on cyber, physical and social computing 380 388 IEEE 2011

            9. “The Cyber Attack On Saudi Aramco”. http://dx.doi.org/10.1080/00396338.2013.784468

            10. “W32. stuxnet dossier” White paper, Symantec Corp., Security Response 5 2011

            11. Applying Hoeffding Adaptive Trees for Real-Time Cyber-Power Event and Intrusion Classification IEEE Transactions on Smart Grid 10.1109/TSG.2017.2647778

            12. 2017 Applying Hoeffding Adaptive Trees for Real-Time Cyber-Power Event and Intrusion Classification IEEE Transactions on Smart Grid

            13. 2018 Effective natural communication between human hand and mobile robot using Raspberry-pi 2018 IEEE International Conference on Consumer Electronics (ICCE)

            14. 2017 NFC/RFID technology using Raspberry Pi as platform used in smart home project 2017 IEEE 14th International Scientific Conference on Informatics

            15. Proceedings of the eighteenth annual ACM-SIAM symposium on Discrete algorithms Society for Industrial and Applied Mathematics 2007

            16. 2018 Consensus of Heterogeneous Linear Multiagent Systems Subject to Aperiodic Sampled-Data and DoS Attack IEEE Transactions on Cybernetics 1 11

            17. 2015 Understanding DDoS Attacks from Mobile Devices 2015 3rd International Conference on Future Internet of Things and Cloud

            18. 2018 Batch Process Modeling and Monitoring With Local Outlier Factor IEEE Transactions on Control Systems Technology 1 14

            19. 2017 Evolving Neural Network Intrusion Detection System for MCPS 2018 20th International Conference on Advanced Communication Technology (ICACT)


            Comment on this article