Preprint Article Version 1 Preserved in Portico This version is not peer-reviewed

A Hierarchical Intrusion Detection System for Industrial Control Networks based on EtherNet/IP

Version 1 : Received: 11 December 2019 / Approved: 12 December 2019 / Online: 12 December 2019 (12:35:07 CET)

A peer-reviewed article of this Preprint also exists.

Yu, W.; Wang, Y.; Song, L. A Two Stage Intrusion Detection System for Industrial Control Networks Based on Ethernet/IP. Electronics 2019, 8, 1545.

Journal reference: Electronics 2019, 8, 1545
DOI: 10.3390/electronics8121545

Abstract

Standard Ethernet (IEEE 802.3 and the TCP/IP protocol suite) is gradually being applied in industrial control systems (ICS) with the development of information technology. It breaks the natural isolation of ICS but contains no security mechanism. A modified intrusion detection system (IDS), strongly correlated to the specific industrial scenario, is necessary for modern ICS. On the one hand, this paper outlines attack models, including infiltration attacks and our creative forging attack. On the other hand, we propose a hierarchical IDS, which contains a traffic prediction model and an anomaly detection model. The traffic prediction model, which is based on the autoregressive integrated moving average (ARIMA), can forecast the traffic of the ICS network in the short term and precisely detect infiltration attacks according to abnormal changes in traffic patterns. The anomaly detection model, using a one-class support vector machine (OCSVM), is able to detect malicious control instructions by analyzing the key field in EtherNet/IP packets. The experimental results show that the hierarchical IDS has an outstanding performance in detecting infiltration attacks and the forging attack compared with two other innovative IDSs.

Subject Areas

intrusion detection; ethernet/ip; industrial control networks
