Intrusion Detection in Industrial Networks via Data Streaming
Kapitel i bok, 2020

Given the increasing threat surface of industrial networks due to distributed, Internet-of-Things (IoT) based system architectures, detecting intrusions in  Industrial IoT (IIoT) systems is all the more important, due to the safety implications of potential threats. The continuously generated data in such systems form both a challenge but also a possibility: data volumes/rates are high and require processing and communication capacity but they contain information useful for system operation and for detection of unwanted situations.
In this chapter we explain that  stream processing (a.k.a. data streaming) is an emerging useful approach both for general applications and for intrusion detection in particular, especially since it can enable data analysis to be carried out in the continuum of edge-fog-cloud distributed architectures of industrial networks, thus reducing communication latency and gradually filtering and aggregating data volumes. We argue that usefulness stems also due to  facilitating provisioning of agile responses, i.e. due to potentially smaller latency for intrusion detection and hence also improved possibilities for intrusion mitigation. In the chapter we outline architectural features of IIoT networks, potential threats and examples of state-of-the art intrusion detection methodologies. Moreover, we give an overview of how leveraging distributed and parallel execution of streaming applications in industrial setups can influence the possibilities of protecting these systems. In these contexts, we give examples using electricity networks (a.k.a. Smart Grid systems).
We conclude that future industrial networks, especially their Intrusion Detection Systems (IDSs), should take advantage of data streaming concept by decoupling semantics from the deployment.

intrusion detection

data streaming

edge computing

Författare

Ismail Butun

Chalmers, Data- och informationsteknik, Nätverk och system

Magnus Almgren

Chalmers, Data- och informationsteknik, Nätverk och system

Vincenzo Massimiliano Gulisano

Chalmers, Data- och informationsteknik, Nätverk och system

Marina Papatriantafilou

Chalmers, Data- och informationsteknik, Nätverk och system

Industrial IoT: Challenges, Design Principles, Applications, and Security

213-238

Integrated cyber-physical solutions for intelligent distribution grid with high penetration of renewables (UNITED-GRID)

Europeiska kommissionen (EU), 2017-11-01 -- 2020-04-30.

Säkra IT-system för drift och övervakning av samhällskritisk infrastruktur

Myndigheten för samhällsskydd och beredskap, 2015-09-01 -- 2020-08-31.

Ämneskategorier

Datorteknik

Annan data- och informationsvetenskap

Datorsystem

Styrkeområden

Informations- och kommunikationsteknik

Drivkrafter

Innovation och entreprenörskap

DOI

10.1007/978-3-030-42500-5_6

Mer information

Senast uppdaterat

2020-09-30