Eric Wagner scite author profile

The increasing interconnection of industrial networks with the Internet exposes them to an ever-growing risk of cyberattacks. A well-proven mechanism to detect such attacks is industrial intrusion detection, which searches for anomalies in otherwise predictable communication or process behavior. However, efforts to improve these detection methods mostly focus on specific domains and communication protocols, leading to a research landscape that is broken up into isolated silos. Thus, existing approaches cannot be applied to other industrial scenarios that would equally benefit from powerful detection approaches. To better understand this issue, we survey 53 detection systems and conclude that there is no fundamental reason for their narrow focus. Although they are often coupled to specific industrial protocols in practice, many approaches could generalize to new industrial scenario in theory. To unlock this potential for intrusion detection across industrial domains and protocols, we propose IPAL, our industrial protocol abstraction layer, to decouple intrusion detection from domain-specific industrial communication protocols. We show the practical applicability and correctness of IPAL through a reproducibility study in which we re-implement eight detection approaches from related work on top of IPAL. Finally, we showcase the unique benefits of IPAL for industrial intrusion detection research by studying the generalizability of existing approaches to new datasets and conclude that they are indeed not restricted to specific domains or protocols.

show abstract

A False Sense of Security?

Kus

Wagner

Pennekamp

et al. 2022

View full text Add to dashboard Cite

Can Industrial Intrusion Detection Be SIMPLE?

Wolsing

Thiemt

Sloun

et al. 2022

View full text Add to dashboard Cite

Scalable and Privacy-Focused Company-Centric Supply Chain Management

Wagner

Matzutt

Pennekamp

et al. 2022

View full text Add to dashboard Cite

Network Attacks Against Marine Radar Systems: A Taxonomy, Simulation Environment, and Dataset

Wolsing

Saillard

Bauer

et al. 2022

View full text Add to dashboard Cite

Shipboard marine radar systems are essential for safe navigation, helping seafarers perceive their surroundings as they provide bearing and range estimations, object detection, and tracking. Since onboard systems have become increasingly digitized, interconnecting distributed electronics, radars have been integrated into modern bridge systems. But digitization increases the risk of cyberattacks, especially as vessels cannot be considered air-gapped. Consequently, in-depth security is crucial. However, particularly radar systems are not sufficiently protected against harmful network-level adversaries. Therefore, we ask: Can seafarers believe their eyes? In this paper, we identify possible attacks on radar communication and discuss how these threaten safe vessel operation in an attack taxonomy. Furthermore, we develop a holistic simulation environment with radar, complementary nautical sensors, and prototypically implemented cyberattacks from our taxonomy. Finally, leveraging this environment, we create a comprehensive dataset (RadarPWN) with radar network attacks that provides a foundation for future security research to secure marine radar communication.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Eric Wagner

Secure Low Latency Communication for Constrained Industrial IoT Scenarios

Dispute Resolution for Smart Contract-based Two-Party Protocols

IPAL: Breaking up Silos of Protocol-dependent and Domain-specific Industrial Intrusion Detection Systems

Facilitating Protocol-independent Industrial Intrusion Detection Systems

A False Sense of Security?

Can Industrial Intrusion Detection Be SIMPLE?

Scalable and Privacy-Focused Company-Centric Supply Chain Management

Network Attacks Against Marine Radar Systems: A Taxonomy, Simulation Environment, and Dataset

Contact Info

Product

Resources

About