PhD school: KIDS, Kestrel Based Intrusion Detection System for industrial control systems
Files
Accepted Version
Date
2024
Authors
Wani, Nowshaba Jeelani
Publisher
Association for Computing Machinery
Abstract
Security of industrial systems is hugely impacted by the convergence of Information Technology (IT) and Operational Technology (OT). While the focus has been largely on improved security of IT systems, less effort has been spent on securing the OT side of industrial processes, in particular Industrial Control Systems (ICS). This integration of IT and OT has introduced a significant gap between Intrusion Detection Systems (IDS) used for IT and those required for OT. The majority of tools to improve OT security ignore its process-based nature and only concentrate on management components, which are essentially IT systems. Specifically, IDS for IT are applied to OT. This approach has serious limits, as an attack on the industrial process is often invisible. The aim of this PhD research is to close this gap by developing a unified approach to IDS that addresses the specific needs and constraints of OT while also leveraging the strengths of IT-based security mechanisms. The current goal is to design an IDS called "Kestrel Intrusion Detection System (KIDS)", which is a threat hunting framework based on Kestrel that aims at bringing IT and OT security closer together to improve IDS for industrial environments. The proposed IDS represents a foundational query-based design that functions with the ICS components irrespective of vendor or implementation complexities. The flexibility also allows its quick adaptation to different manufacturing processes. Once developed and tested, KIDS will be compared to state-of-the-art IDS used in OT and improved gradually. This work will contribute to both theoretical and practical understanding of threat detection in converged IT/OT infrastructures.
Keywords
Industrial control systems, Intrusion detection systems, Operational technologies, Threat hunting, Security
Citation
Wani, N. J. (2024) 'PhD school: KIDS, Kestrel Based Intrusion Detection System for industrial control systems', 21st International Conference on Embedded Wireless Systems and Networks (EWSN '24), Abu Dhabi, UAE, 10-13 December. Available at: https://www.ewsn.org/file-repository/ewsn2024/EWSN24-PSCE_paper_10.pdf (Accessed: 22 May 2025)