Visible to the public Framework for Detecting Control Command Injection Attacks on Industrial Control Systems (ICS)

TitleFramework for Detecting Control Command Injection Attacks on Industrial Control Systems (ICS)
Publication TypeConference Paper
Year of Publication2019
AuthorsRasapour, Farhad, Serra, Edoardo, Mehrpouyan, Hoda
Conference Name2019 Seventh International Symposium on Computing and Networking (CANDAR)
Date PublishedNov. 2019
ISBN Number978-1-7281-4725-3
Keywordsanomaly detection, command injection attacks, composability, control command injection attacks, feature extraction, IDS framework, industrial control, industrial control systems, intrusion detection system, Metrics, pubcrawl, resilience, Resiliency, security of data, sensory channel, Sensory Channels, signal sampling, signal sampling technique, Support vector machines, Terms Industrial Control Systems, Zero-day attacks

This paper focuses on the design and development of attack models on the sensory channels and an Intrusion Detection system (IDS) to protect the system from these types of attacks. The encoding/decoding formulas are defined to inject a bit of data into the sensory channel. In addition, a signal sampling technique is utilized for feature extraction. Further, an IDS framework is proposed to reside on the devices that are connected to the sensory channels to actively monitor the signals for anomaly detection. The results obtained based on our experiments have shown that the one-class SVM paired with Fourier transformation was able to detect new or Zero-day attacks.

Citation Keyrasapour_framework_2019