Research Article
Combined Danger Signal and Anomaly-Based Threat Detection in Cyber-Physical Systems
@INPROCEEDINGS{10.1007/978-3-319-47063-4_3, author={Viktoriya Degeler and Richard French and Kevin Jones}, title={Combined Danger Signal and Anomaly-Based Threat Detection in Cyber-Physical Systems}, proceedings={Internet of Things. IoT Infrastructures. Second International Summit, IoT 360° 2015, Rome, Italy, October 27-29, 2015. Revised Selected Papers, Part I}, proceedings_a={IOT360}, year={2017}, month={1}, keywords={Intrusion detection Anomaly detection Danger Theory Automated Guided Vehicles Cyber-Physical Systems}, doi={10.1007/978-3-319-47063-4_3} }- Viktoriya Degeler
Richard French
Kevin Jones
Year: 2017
Combined Danger Signal and Anomaly-Based Threat Detection in Cyber-Physical Systems
IOT360
Springer
DOI: 10.1007/978-3-319-47063-4_3
Abstract
Increasing number of physical systems being connected to the internet raises security concerns about the possibility of cyber-attacks that can cause severe physical damage. Signature-based malware protection can detect known hazards, but cannot protect against new attacks with unknown attack signatures. Anomaly detection mechanisms are often used in combination with signature-based anti-viruses, however, they too have a weakness of triggering on any new previously unseen activity, even if the activity is legitimate. In this paper, we present a solution to the problem of protecting an industrial process from cyber attacks, having robotic manufacture facilities with automated guided vehicles (AGVs) as our use case. Our solution combines detection of danger signals with anomaly detection in order to minimize mis-labelling of legitimate new behaviour as dangerous.
