TY - GEN
T1 - Intrusion detection of cyber-physical attacks in manufacturing systems
T2 - ASME 2019 International Mechanical Engineering Congress and Exposition, IMECE 2019
AU - Wu, Mingtao
AU - Moon, Young B.
N1 - Publisher Copyright:
Copyright © 2019 ASME.
PY - 2019
Y1 - 2019
N2 - Cyber-physical manufacturing system is the vision of future manufacturing systems where physical components are fully integrated through various networks and the Internet. The integration enables the access to computation resources that can improve efficiency, sustainability and cost-effectiveness. However, its openness and connectivity also enlarge the attack surface for cyber-attacks and cyber-physical attacks. A critical challenge in defending those attacks is that current intrusion detection methods cannot timely detect cyber-physical attacks. Studies showed that the physical detection provides a higher accuracy and a shorter respond time compared to network-based or host-based intrusion detection systems. Moreover, alert correlation and management methods help reducing the number of alerts and identifying the root cause of the attack. In this paper, the intrusion detection research relevant to cyber-physical manufacturing security is reviewed. The physical detection methods—using side-channel data, including acoustic, image, acceleration, and power consumption data to disclose attacks during the manufacturing process—are analyzed. Finally, the alert correlation methods—that manage the high volume of alerts generated from intrusion detection systems via logical relationships to reduce the data redundancy and false alarms—are reviewed. The study show that the cyber-physical attacks are existing and rising concerns in industry. Also, the increasing efforts in cyber-physical intrusion detection and correlation research can be utilized to secure the future manufacturing systems.
AB - Cyber-physical manufacturing system is the vision of future manufacturing systems where physical components are fully integrated through various networks and the Internet. The integration enables the access to computation resources that can improve efficiency, sustainability and cost-effectiveness. However, its openness and connectivity also enlarge the attack surface for cyber-attacks and cyber-physical attacks. A critical challenge in defending those attacks is that current intrusion detection methods cannot timely detect cyber-physical attacks. Studies showed that the physical detection provides a higher accuracy and a shorter respond time compared to network-based or host-based intrusion detection systems. Moreover, alert correlation and management methods help reducing the number of alerts and identifying the root cause of the attack. In this paper, the intrusion detection research relevant to cyber-physical manufacturing security is reviewed. The physical detection methods—using side-channel data, including acoustic, image, acceleration, and power consumption data to disclose attacks during the manufacturing process—are analyzed. Finally, the alert correlation methods—that manage the high volume of alerts generated from intrusion detection systems via logical relationships to reduce the data redundancy and false alarms—are reviewed. The study show that the cyber-physical attacks are existing and rising concerns in industry. Also, the increasing efforts in cyber-physical intrusion detection and correlation research can be utilized to secure the future manufacturing systems.
KW - Cyber-physical attack
KW - Intrusion detection and correlation
KW - Literature review
KW - Security
UR - http://www.scopus.com/inward/record.url?scp=85078759000&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85078759000&partnerID=8YFLogxK
U2 - 10.1115/IMECE2019-10135
DO - 10.1115/IMECE2019-10135
M3 - Conference contribution
AN - SCOPUS:85078759000
T3 - ASME International Mechanical Engineering Congress and Exposition, Proceedings (IMECE)
BT - Advanced Manufacturing
PB - American Society of Mechanical Engineers (ASME)
Y2 - 11 November 2019 through 14 November 2019
ER -