Research on Intrusion Detection Technology of Industrial Control Systems

  • Conference paper
Artificial Intelligence and Security (ICAIS 2020)

Part of the book series: Communications in Computer and Information Science (CCIS, volume 1254)

Abstract

The industrial control system is the core of various infrastructures. With the development of process technology and computer network technology, industrial control systems are increasingly integrated with the Internet and are evolving into open systems, which also exposes them to numerous threats. Intrusion detection is an important security protection technology, and many scholars have conducted extensive research on intrusion detection for industrial control systems. The main work of this paper is to summarize current intrusion detection technology. The first part introduces the industrial control system and analyzes its threats and the main defense technologies. The second part introduces intrusion detection technology, followed by a summary, classification and comparison of existing research according to the different classification methods of intrusion detection technology. Finally, the paper summarizes and looks ahead to intrusion detection technology for industrial control systems.

Acknowledgments

This work is funded by the National Key Research and Development Plan (Grant No. 2018YFB0803504), the National Natural Science Foundation of China (No. 61702223, 61702220, 61871140, 61602210, 61877029, U1636215), the Science and Technology Planning Project of Guangdong (2017A040405029), the Science and Technology Planning Project of Guangzhou (201902010041), the Fundamental Research Funds for the Central Universities (21617408, 21619404).

Corresponding author

Correspondence to Yanbin Sun.

Copyright information

© 2020 Springer Nature Singapore Pte Ltd.

About this paper

Cite this paper

Xia, D., Sun, Y., Guan, Q. (2020). Research on Intrusion Detection Technology of Industrial Control Systems. In: Sun, X., Wang, J., Bertino, E. (eds) Artificial Intelligence and Security. ICAIS 2020. Communications in Computer and Information Science, vol 1254. Springer, Singapore. https://doi.org/10.1007/978-981-15-8101-4_13

  • DOI: https://doi.org/10.1007/978-981-15-8101-4_13

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-15-8100-7

  • Online ISBN: 978-981-15-8101-4

  • eBook Packages: Computer Science, Computer Science (R0)
