A Feasibility Study on the Application of the ScriptGenE Framework as an Anomaly Detection System in Industrial Control Systems
Abstract
Recent events such as Stuxnet and the Shamoon Aramco have brought to light how vulnerable industrial control systems (ICSs) are to cyber attacks. Modern society relies heavily on critical infrastructure, including the electric power grid, water treatment facilities, and nuclear energy plants. Malicious attempts to disrupt, destroy and disable such systems can have devastating e ects on a populations way of life, possibly leading to loss of life. The need to implement security controls in the ICS environment is more vital than ever. ICSs were not originally designed with network security in mind. Today, intrusion detection systems are employed to detect attacks that penetrate the ICS network. This research proposes the use of a novel algorithm known as the ScriptGenE framework as an anomaly-based intrusion detection system. The anomaly detection system (ADS) is implemented between an engineering workstation and programmable logic controller to monitor tra c and alert the operator to anomalous behavior. The ADS achieves true positive rates of 0.9011 and 1.00 with false positive rates of 0 and 0.054. This research demonstrates the viability of using the ScriptGenE framework as an anomaly detection system in a simulated ICS environment.
Document Details
- Document Type
- Technical Report
- Publication Date
- Sep 17, 2015
- Accession Number
- ADA622349
Entities
People
- Charito M. Corvin
Organizations
- Air Force Institute of Technology