6th International Symposium for ICS & SCADA Cyber Security Research 2019 (ICS-CSR)
Cyber Security Research
10th-12th September 2019
Industrial Control System (ICS) third-party maintenance introduces security risk into an organisation, as access is granted for performance of named maintenance tasks on industrial equipment, but there is currently no fine-grained way to monitor the activity. This paper applies Machine Learning to ICS network traffic, in order to alert operational staff to unauthorised activity.
The work describes a method for identifying deviations, by characterising network traffic purpose, and applying software to dissect, learn and monitor maintenance traffic, then presenting results in a chart.