Skip to main content
SpringerLink
Log in

Combined Danger Signal and Anomaly-Based Threat Detection in Cyber-Physical Systems

  • Conference paper
Internet of Things. IoT Infrastructures (IoT360 2015)

Included in the following conference series:

Abstract

Increasing number of physical systems being connected to the internet raises security concerns about the possibility of cyber-attacks that can cause severe physical damage. Signature-based malware protection can detect known hazards, but cannot protect against new attacks with unknown attack signatures. Anomaly detection mechanisms are often used in combination with signature-based anti-viruses, however, they too have a weakness of triggering on any new previously unseen activity, even if the activity is legitimate. In this paper, we present a solution to the problem of protecting an industrial process from cyber attacks, having robotic manufacture facilities with automated guided vehicles (AGVs) as our use case. Our solution combines detection of danger signals with anomaly detection in order to minimize mis-labelling of legitimate new behaviour as dangerous.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Cani, A., Gaudesi, M., Sanchez, E., Squillero, G., Tonda, A.: Towards automated malware creation: code generation and code integration. In: Proceedings of the 29th Annual ACM Symposium on Applied Computing, pp. 157–160. ACM (2014)

    Google Scholar 

  2. Forrest, S., Perelson, A.S., Allen, L., Cherukuri, R.: Self-nonself discrimination in a computer. In: 2012 IEEE Symposium on Security and Privacy, p. 202. IEEE Computer Society (1994)

    Google Scholar 

  3. fr Sicherheit in der Informationstechnik (BSI), B.: Die lage der it-sicherheitin deutschland (2014). https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/Lageberichte/Lagebericht2014.pdf?__blob=publicationFile

  4. Kim, J., Bentley, P.J., Aickelin, U., Greensmith, J., Tedesco, G., Twycross, J.: Immune system approaches to intrusion detection-a review. Natural Comput. 6(4), 413–466 (2007)

    Article  MathSciNet  Google Scholar 

  5. Langner, R.: Stuxnet: dissecting a cyberwarfare weapon. Secur. Priv. IEEE 9(3), 49–51 (2011)

    Article  Google Scholar 

  6. Manber, U., et al.: Finding similar files in a large file system. In: Usenix Winter, vol. 94, pp. 1–10 (1994)

    Google Scholar 

  7. Matzinger, P.: Tolerance, danger, and the extended family. Annu. Rev. Immunol. 12(1), 991–1045 (1994)

    Article  Google Scholar 

  8. Petit, J., Shladover, S.: Potential cyberattacks on automated vehicles. IEEE Trans. Intell. Transp. Syst. 16(2), 546–556 (2015)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Airbus Group Innovations, Newport, UK

    Viktoriya Degeler, Richard French & Kevin Jones

Authors
  1. Viktoriya Degeler
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Richard French
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Kevin Jones
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Kevin Jones .

Editor information

Editors and Affiliations

  1. IBM Research, Haifa, Israel

    Benny Mandler

  2. CONNECT Centre, Trinity College, University of Dublin, Dublin, Ireland

    Johann Marquez-Barja

  3. GTA/PEE-COPPE/DEL-Poli, Universidade Federal do Rio de Janeiro (UFRJ), Rio de Janeiro, Brazil

    Miguel Elias Mitre Campista

  4. Faculty of Materials Science and Technology in Trnava, Slovak University of Technology in Bratislava, Trnava, Slovakia

    Dagmar Cagáňová

  5. Institut Télécom SudParis, Evry, France

    Hakima Chaouchi

  6. College of Communication and Information, University of Kentucky, Lexington, KY, USA

    Sherali Zeadally

  7. College of Technological Innovation, Zayed University, Dubai, United Arab Emirates

    Mohamad Badra

  8. University of Pisa, Pisa, Holy See (Vatican City State)

    Stefano Giordano

  9. DICIEAMA Department, University of Messina, Messina, Italy

    Maria Fazio

  10. CREATE-NET, Trento, Italy

    Andrey Somov

  11. University of Trento, Trento, Italy

    Radu-Laurentiu Vieriu

Rights and permissions

Reprints and permissions

Copyright information

© 2016 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering

About this paper

Cite this paper

Degeler, V., French, R., Jones, K. (2016). Combined Danger Signal and Anomaly-Based Threat Detection in Cyber-Physical Systems. In: Mandler, B., et al. Internet of Things. IoT Infrastructures. IoT360 2015. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 169. Springer, Cham. https://doi.org/10.1007/978-3-319-47063-4_3

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-47063-4_3

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-47062-7

  • Online ISBN: 978-3-319-47063-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation