Investigating Process-Aware Attack Detection on Embedded Systems

Visa enkel post
dc.contributor.authorHELLQVIST, ALBIN
dc.contributor.authorOVERLAND, ALBERT
dc.contributor.departmentChalmers tekniska högskola / Institutionen för data och informationstekniksv
dc.contributor.examinerJonsson, Erland
dc.contributor.supervisorAlmgren, Magnus
dc.date.accessioned2019-07-11T07:40:42Z
dc.date.available2019-07-11T07:40:42Z
dc.date.issued2019sv
dc.date.submitted2019
dc.description.abstractIn many industrial settings, there are multiple processes that need to be monitored and controlled. Examples of such processes include controlling the flow of water in a hydroelectric plant or managing the temperature in an industrial water boiler. The systems supervising these processes are called Industrial Control Systems (ICSs). In some cases, ICSs are in control of critical infrastructure which makes them a worthwhile or profitable target for adversaries. Furthermore, ICSs are increasingly becoming targets of cyber attacks due to their increased network connectivity and integration into previously isolated systems. In addition, the advent of Internet of Things (IoT) increases the number of systems that can be targeted by similar cyber attacks. Since ICSs encompass a variety of different applications, each having its specific requirements, current methods of detecting attacks are oftentimes application-specific and not scalable. In response to the increased need for application-agnostic security, attack-detection methods with the capability of only using sensory data for detecting attacks have recently been proposed in the literature. These recently proposed attack-detection methods are to be run in ICS or IoT environments where power consumption is of concern in addition to limited hardware resources. Consequently, the scope and the aim of this thesis is to implement and evaluate one of these recent types of methods on a resource-constrained embedded system. For this task, a state-of-the-art attack-detection method was chosen together with a suitable embedded system on which the method was implemented. Additionally, a test environment consisting of three different sensors was set up in order to have real data for the evaluation of the system. The results show that the chosen attack-detection method is able to detect various types of attacks in real time when running on the resource-constrained embedded system. Furthermore, by tweaking certain parameters, the method could possibly run on less powerful embedded systems or with better resource utilization. Additionally, the results show that the embedded system, together with the attack-detection method, can potentially be used in resource-constrained ICS or IoT environments to detect attacks in real time.sv
dc.identifier.coursecodeDATX05sv
dc.identifier.urihttps://hdl.handle.net/20.500.12380/300041
dc.language.isoengsv
dc.setspec.uppsokTechnology
dc.subjectIndustrial control systemssv
dc.subjectInternet of Thingssv
dc.subjectcomputer securitysv
dc.subjectintrusion detection systemsv
dc.subjectanomaly-based attack detectionsv
dc.subjectembedded systemssv
dc.subjectmicrocontrollersv
dc.subjectresource-constrained devicessv
dc.titleInvestigating Process-Aware Attack Detection on Embedded Systemssv
dc.type.degreeExamensarbete för masterexamensv
dc.type.uppsokH
local.programmeComputer systems and networks (MPCSN), MSc
Ladda ner
Original bundle
Visar 1 - 1 av 1
Bild (thumbnail)
Namn:
CSE 19-25 Hellqvist Overland.pdf
Storlek:
7.8 MB
Format:
Adobe Portable Document Format
Beskrivning:
CSE Hellqvist, Albin & Overland, Albert
Ladda ner
License bundle
Visar 1 - 1 av 1
Bild (thumbnail)
Namn:
license.txt
Storlek:
1.14 KB
Format:
Item-specific license agreed upon to submission
Beskrivning:
Ladda ner
Samling
Examensarbeten för masterexamen