Firewalls for ICS environments
Number of students: 2
Guides: Haresh Dagale, Chandramani Singh
The integration of communication networks and the internet of industrial control into Industrial Control Systems (ICS) increases their vulnerability to cyber-attacks. Firewalls secure information by monitoring and controlling the flow of traffic between and within networks, consulting Access Control Lists (ACLs), which are tables of permissions, to filter traffic appropriately. However, ICS are large and complex systems that include aging industrial machinery and networks spread out over several locations. ICS firewalls also need to work alongside Supervisory Control and Data Acquisition (SCADA) environments. Implementing firewalls for ICS/SCADA environments therefore requires an analysis of the environment's needs and complexity in order to create an appropriate solution.
Machine Learning (ML) based methods are being promoted in the design of firewalls for cyber-attack-resilient ICS. Our objective will be to understand the well-known vulnerabilities and their root causes, and to employ state-of-the-art ML approaches for intrusion detection. We plan to demonstrate an ICN, its associated problems, and how these problems can be mitigated by the proposed solution.