Forensic readiness of industrial control systems under stealthy attacks
Authors
Abstract
Cyberattacks against Industrial Control Systems (ICS) can have harmful physical impacts. Investigating such attacks can be difficult, as evidence could be lost to damage. This is especially true with stealthy attacks; i.e., attacks that evade detection. In this paper, we aim to engineer Forensic Readiness (FR) in safety-critical, geographically distributed ICS, by proactively collecting potential evidence of attacks. The collection of all data generated by an ICS is at times infeasible due to the large volume of data. Hence, our approach only triggers data collection when there is a possibility for a stealthy attack to cause damage. We determine the conditions for such an event by performing predictive, model-based, safety checks. Furthermore, we use the geographical layout of the ICS and the safety predictions to identify data at risk of being lost to damage, i.e., the relevant data. Finally, to reduce the control performance overhead resulting from real-time data collection, we select a subset of the data to collect by a trade-off between the expected impact of the attack and the estimated cost of collection. We demonstrate these ideas using simulations of the widely-used Tennessee-Eastman Process (TEP) benchmark. We show that the proposed approach does not miss relevant data and results in a reduced control performance overhead compared to the case in which all data is collected. We also showcase the applicability of our approach in improving the efficiency of existing forensic log analysis tools.
Similar resources
A Deep Learning-based Framework for Conducting Stealthy Attacks in Industrial Control Systems
Industrial control systems (ICS), which in many cases are components of critical national infrastructure, are increasingly being connected to other networks and the wider internet motivated by factors such as enhanced operational functionality and improved efficiency. However, set in this context, it is easy to see that the cyber attack surface of these systems is expanding, making it more impo...
A Comparison of Stealthy Sensor Attacks on Control Systems
As more attention is paid to security in the context of control systems and as attacks occur to real control systems throughout the world, it has become clear that some of the most nefarious attacks are those that evade detection. The term stealthy has come to encompass a variety of techniques that attackers can employ to avoid detection. Here we show how the states of the system (in particular...
Stealthy Deception Attacks Against SCADA Systems
SCADA protocols for Industrial Control Systems (ICS) are vulnerable to network attacks such as session hijacking. Hence, research focuses on network anomaly detection based on meta–data (message sizes, timing, command sequence), or on the state values of the physical process. In this work we present a class of semantic network-based attacks against SCADA systems that are undetectable by the abo...
Forensic Attacks Analysis and the Cyber Security of Safety-Critical Industrial Control Systems
Industrial Control Systems (ICS) and SCADA (Supervisory Control And Data Acquisition) applications monitor and control a wide range of safety-related functions. These include energy generation where failures could have significant, irreversible consequences. They also include the control systems that are used in the manufacture of safety-related products. In this case bugs in an ICS/SCADA syste...
Forensic Readiness for Wireless Medical Systems
Wireless medical devices and related information systems are vulnerable to use and abuse by unauthorized users. Medical systems are designed for a range of end users in different professional skill groups and also people who carry the devices in and on their bodies. Open, accurate and efficient communication is the priority for medical systems and as a consequence strong protection costs are tr...
Journal
Journal title: Computers & Security
Year: 2023
ISSN: ['0167-4048', '1872-6208']
DOI: https://doi.org/10.1016/j.cose.2022.103010