ArXiv TLDR

On the Challenges of Holistic Intrusion Detection in ICS

2604.21626

Stefan Lenz, Julia Raab, Benedikt Holzbach, Deniz Köller, Sotiris Michaelides + 1 more

cs.CR

TLDR

This paper discusses the challenges in developing a single, holistic intrusion detection system for industrial control systems (ICS) that covers all attack dimensions.

Key contributions

  • ICS adversaries target both network and physical processes for catastrophic impact.
  • Existing IDS focus on isolated characteristics, requiring multiple, complex deployments.
  • Highlights the critical need for a holistic intrusion detection system in ICS.
  • Presents challenges encountered during research towards a comprehensive ICS security solution.

Why it matters

This paper is crucial for understanding the complexities of securing Industrial Control Systems. It highlights the limitations of current isolated detection systems and calls for research into holistic solutions to protect critical infrastructure from multi-faceted attacks.

Original Abstract

Past attacks against industrial control systems (ICS) show that adversaries often target both the ICS network and the physical process to achieve potential catastrophic impact. To secure ICS, intrusion detection systems promise timely uncovering of such adversaries. However, as these detection mechanisms typically focus on isolated characteristics of ICS (e.g., packet timings), multiple detection systems have to be deployed in parallel, complicating their operation in practice. In this work, to spur discussion and further research, we present challenges encountered during our research towards a holistic intrusion detection system aiming to cover all dimensions of an ICS.
