Title :
Challenges of Machine Learning Based Monitoring for Industrial Control System Networks
Author :
Mantere, Matti ; Uusitalo, Ilkka ; Sailio, Mirko ; Noponen, Sami
Author_Institution :
VTT Tech. Res. Centre of Finland, Espoo, Finland
Abstract :
Detecting network intrusions and anomalies in industrial control systems is growing in urgency. Such systems used to be isolated but are now being connected to the outside world. Even in the case of isolated networks, privileged users may still present various threats to the system, either accidentally or intentionally. Also malfunctions in devices may cause anomalous traffic. Anomaly detection based network monitoring and intrusion detection systems could be capable of discerning normal and aberrant traffic in industrial control systems, detecting security incidents in an early phase. In this paper we discuss the challenges for such a monitoring system. One of the challenges is which features best differentiate between anomalous and normal behaviour. In the analysis, special focus is placed on this selection.
Keywords :
computerised monitoring; industrial control; learning (artificial intelligence); networked control systems; production engineering computing; security of data; aberrant traffic; anomalous traffic; anomaly detection based network monitoring; industrial control system networks; intrusion detection systems; isolated networks; machine learning based monitoring; network intrusion detection; normal traffic; security incident detection; Industrial control; Intrusion detection; Machine learning; Monitoring; Production facilities; Protocols;
Conference_Titel :
Advanced Information Networking and Applications Workshops (WAINA), 2012 26th International Conference on
Conference_Location :
Fukuoka
Print_ISBN :
978-1-4673-0867-0
DOI :
10.1109/WAINA.2012.135
