Discussing the Feasibility of Acoustic Sensors for Side Channel-aided Industrial Intrusion Detection: An Essay

The fourth industrial revolution leads to an increased use of embedded computation and intercommunication in an industrial environment. While reducing cost and effort for set up, operation and maintenance, and increasing the time to operation or market respectively as well as the efficiency, this also increases the attack surface of enterprises. Industrial enterprises have become targets of cyber criminals in the last decade, reasons being espionage but also politically motivated. Infamous attack campaigns as well as easily available malware that hits industry in an unprepared state create a large threat landscape. As industrial systems often operate for many decades and are difficult or impossible to upgrade in terms of security, legacy-compatible industrial security solutions are necessary in order to create a security parameter. One plausible approach in industry is the implementation and employment of side-channel sensors. Combining readily available sensor data from different sources via different channels can provide an enhanced insight about the security state. In this work, a data set of an experimental industrial set up containing side channel sensors is discussed conceptually and insights are derived.

[1]  Kevin Jones,et al.  A review of cyber security risk assessment methods for SCADA systems , 2016, Comput. Secur..

[2]  Norbert Wiedermann,et al.  A framework to assess impacts of cyber attacks in manufacturing , 2019, ICCAE 2019.

[3]  Hans D. Schotten,et al.  Time is of the Essence: Machine Learning-Based Intrusion Detection in Industrial Time Series Data , 2018, 2018 IEEE International Conference on Data Mining Workshops (ICDMW).

[4]  Erik Marchi,et al.  Sparse Autoencoder-Based Feature Transfer Learning for Speech Emotion Recognition , 2013, 2013 Humaine Association Conference on Affective Computing and Intelligent Interaction.

[5]  Wei Gao,et al.  Industrial Control System Cyber Attacks , 2013, ICS-CSR.

[6]  Jon R. Lindsay,et al.  Stuxnet and the Limits of Cyber Warfare , 2013 .

[7]  S. Shankar Sastry,et al.  Intrusion Detection and Resilient Control for SCADA Systems , 2013 .

[8]  Hans D. Schotten,et al.  Devil in the Detail: Attack Scenarios in Industrial Applications , 2019, 2019 IEEE Security and Privacy Workshops (SPW).

[9]  Vinay M. Igure,et al.  Security issues in SCADA networks , 2006, Comput. Secur..

[10]  Ralph Langner To Kill a Centrifuge A Technical Analysis of What Stuxnet ’ s Creators Tried to Achieve , 2013 .

[11]  Hans D. Schotten,et al.  Two decades of SCADA exploitation: A brief history , 2017, 2017 IEEE Conference on Application, Information and Network Security (AINS).

[12]  Eduardo B. Fernández,et al.  Designing Secure SCADA Systems Using Security Patterns , 2010, 2010 43rd Hawaii International Conference on System Sciences.

[13]  Dengguo Feng,et al.  Side-Channel Attacks: Ten Years After Its Publication and the Impacts on Cryptographic Module Security Testing , 2005, IACR Cryptol. ePrint Arch..

[14]  Christine Chen,et al.  Quantum hacking: Experimental demonstration of time-shift attack against practical quantum-key-distribution systems , 2007, 0704.3253.

[15]  Christof Paar,et al.  SCANDALee: A side-ChANnel-based DisAssembLer using local electromagnetic emanations , 2015, 2015 Design, Automation & Test in Europe Conference & Exhibition (DATE).

[16]  Hans D. Schotten,et al.  Implementing SCADA Scenarios and Introducing Attacks to Obtain Training Data for Intrusion Detection Methods , 2019, ArXiv.

[17]  Wei Gao On Cyber Attacks and Signature Based Intrusion Detection for Modbus Based Industrial Control Systems , 2019 .

[18]  Dimitris Gritzalis,et al.  The Big Four - What We Did Wrong in Advanced Persistent Threat Detection? , 2013, 2013 International Conference on Availability, Reliability and Security.

[19]  S. Shankar Sastry,et al.  A Taxonomy of Cyber Attacks on SCADA Systems , 2011, 2011 International Conference on Internet of Things and 4th International Conference on Cyber, Physical and Social Computing.

[20]  Hans D. Schotten,et al.  Modern Problems Require Modern Solutions: Hybrid Concepts for Industrial Intrusion Detection , 2019, ArXiv.

[21]  Arquimedes Canedo,et al.  Acoustic Side-Channel Attacks on Additive Manufacturing Systems , 2016, 2016 ACM/IEEE 7th International Conference on Cyber-Physical Systems (ICCPS).

[22]  Hans D. Schotten,et al.  Evaluation of Machine Learning-based Anomaly Detection Algorithms on an Industrial Modbus/TCP Data Set , 2018, ARES.

[23]  Hans D. Schotten,et al.  Putting Together the Pieces: A Concept for Holistic Industrial Intrusion Detection , 2019, ArXiv.

[24]  Anna Christina Nobre,et al.  Time is of the essence , 2004, Trends in Cognitive Sciences.

[25]  Hans D. Schotten,et al.  YAAS - On the Attribution of Honeypot Data , 2017, Int. J. Cyber Situational Aware..

[26]  Kostas Papagiannopoulos,et al.  Side-channel based intrusion detection for industrial control systems , 2017, CRITIS.

[27]  S. Sastry,et al.  SCADA-specific Intrusion Detection / Prevention Systems : A Survey and Taxonomy , 2010 .