Abstract
In the past years, industrial networks have become increasingly interconnected and opened to private or public networks. This leads to an increase in efficiency and manageability, but also increases the attack surface. Industrial networks often consist of legacy systems that have not been designed with security in mind. In the last decade, an increase in attacks on cyber-physical systems was observed, with drastic consequences on the physical work. In this work, attack vectors on industrial networks are categorised. A real-world process is simulated, attacks are then introduced. Finally, two machine learning-based methods for time series anomaly detection are employed to detect the attacks. Matrix Profiles are employed more successfully than a predictor Long Short-Term Memory network, a class of neural networks.
Abstract (translated)
在过去的几年里,工业网络越来越相互连接,并向私人或公共网络开放。这会提高效率和可管理性,但也会增加攻击面。工业网络通常由未考虑安全性的遗留系统组成。在过去的十年中,网络物理系统受到的攻击有所增加,对物理工作产生了巨大的影响。本文对工业网络上的攻击向量进行了分类。模拟一个真实的过程,然后引入攻击。最后,采用两种基于机器学习的时间序列异常检测方法对攻击进行检测。与预测长期短期记忆网络(一类神经网络)相比,矩阵轮廓的应用更为成功。
URL
https://arxiv.org/abs/1905.10292