Towards Developing an Artificial Intelligence-based System for Detection of Cyber Attacks in Modern Industrial Control Systems

Modern Industrial Control Systems (ICS) are increasingly getting connected to the Internet to facilitate operations. To ensure safety on the internet, the ICS communications are being encrypted. This poses a challenge for the traditional Intrusion Detection Systems that used to rely on visible messages and control data communication for detecting the presence of known attacks or anomalies in system behavior. In this work, we aim to develop an AI-based system for intrusion detection in a modern ICS by modeling the encrypted network communications across an ICS. This is particularly challenging due to the following reasons: (1) a modern ICS is a multi-vendor system, consisting of devices with proprietary hardware and software; (2) collecting and analyzing the traffic for time-sensitive applications becomes difficult due to the geographically distributed nature of modern ICS networks; and, (3) the ICS components use proprietary communication protocols and encryption algorithms. Designing an IDS that scales across all these factors is a complex data modeling problem. The expected outcome of this project is an AI-based framework for analysis of encrypted ICS communications for early intrusion detection.

Faculty Supervisor:

Karthik Pattabiraman

Student:

Partner:

Indian Institute of Technology Madras

Discipline:

Computer science

Sector:

Artificial Intelligence; Technology; Energy and Utilities

University:

The University of British Columbia

Program: