DRACE: A Framework for Evaluating Anomaly Detectors for Industrial Control Systems

被引:0
|
作者
Christian, Ivan [1 ]
Furtado, Francisco [1 ]
Mathur, Aditya P. [1 ]
机构
[1] SUTD, ITrust, Singapore, Singapore
来源
PROCEEDINGS OF THE 10TH ACM CYBER-PHYSICAL SYSTEM SECURITY WORKSHOP, ACM CPSS 2024 | 2024年
基金
新加坡国家研究基金会;
关键词
Anomaly detection; Cyber exercise; Industrial Control Systems; Cyber Security; Performance Metrics; Critical Infrastructure; Tools;
D O I
10.1145/3626205.3659145
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
The detection of process anomalies is a critical step in defending a physical plant against cyber-attacks. We propose a framework named DRACE that includes a set of metrics to evaluate the effectiveness of anomaly detectors, referred to as Intrusion Detection Systems (IDS). Different from those used in the literature, the proposed metrics are designed to serve as a means for plant engineers and IT specialists to compare multiple detectors prior to deciding which to deploy. The metrics were found effective in evaluating the effectiveness of several anomaly detectors of different origins in a case study conducted in the iTrust laboratory.
引用
收藏
页码:77 / 87
页数:11
相关论文
共 50 条
  • [41] A tool integration framework for industrial distributed control systems
    Estevez, E.
    Marcos, M.
    Gangoiti, U.
    Orive, D.
    2005 44th IEEE Conference on Decision and Control & European Control Conference, Vols 1-8, 2005, : 8373 - 8378
  • [42] Design and Implementation of a Security Framework for Industrial Control Systems
    Harshe, Omkar A.
    Chiluvuri, N. Teja
    Patterson, Cameron D.
    Baumann, William T.
    2015 INTERNATIONAL CONFERENCE ON INDUSTRIAL INSTRUMENTATION AND CONTROL (ICIC), 2015, : 127 - 132
  • [43] An Industrial Control Systems Incident Response Decision Framework
    He, Ying
    Maglaras, Leandros A.
    Janicke, Helge
    Jones, Kevin
    2015 IEEE CONFERENCE ON COMMUNICATIONS AND NETWORK SECURITY (CNS), 2015, : 761 - 762
  • [44] A framework for runtime verification of industrial process control systems
    Savolainen, Roope
    Sierla, Seppo
    Karhela, Tommi
    Miettinen, Tuomas
    Vyatkin, Valeriy
    2017 IEEE 15TH INTERNATIONAL CONFERENCE ON INDUSTRIAL INFORMATICS (INDIN), 2017, : 687 - 694
  • [45] Data Clustering-based Anomaly Detection in Industrial Control Systems
    Kiss, Istvan
    Genge, Bela
    Haller, Piroska
    Sebestyen, Gheorghe
    2014 IEEE INTERNATIONAL CONFERENCE ON INTELLIGENT COMPUTER COMMUNICATION AND PROCESSING (ICCP), 2014, : 275 - +
  • [46] Anomaly detection in Industrial Control Systems using Logical Analysis of Data
    Das, Tanmoy Kanti
    Adepu, Sridhar
    Zhou, Jianying
    COMPUTERS & SECURITY, 2020, 96
  • [47] ZOE: Content-based Anomaly Detection for Industrial Control Systems
    Wressnegger, Christian
    Kellner, Ansgar
    Rieck, Konrad
    2018 48TH ANNUAL IEEE/IFIP INTERNATIONAL CONFERENCE ON DEPENDABLE SYSTEMS AND NETWORKS (DSN), 2018, : 127 - 138
  • [48] A modified densenet approach with nearmiss for anomaly detection in industrial control systems
    Ayas, Selen
    Ayas, Mustafa Sinasi
    MULTIMEDIA TOOLS AND APPLICATIONS, 2022, 81 (16) : 22573 - 22586
  • [49] DAICS: A Deep Learning Solution for Anomaly Detection in Industrial Control Systems
    Abdelaty, Maged
    Doriguzzi-Corin, Roberto
    Siracusa, Domenico
    IEEE TRANSACTIONS ON EMERGING TOPICS IN COMPUTING, 2022, 10 (02) : 1117 - 1129
  • [50] Explainable correlation-based anomaly detection for Industrial Control Systems
    Birihanu, Ermiyas
    Lendak, Imre
    FRONTIERS IN ARTIFICIAL INTELLIGENCE, 2025, 7
12345