A Case Study of Network-Based Intrusion Detection System Deployment in Industrial Control Systems with Network Isolation

Nai Yu Chen; Pei Wen Chou; Jung Shian Li; I. Hsien Liu

doi:10.5954/icarob.2024.os1-5

A Case Study of Network-Based Intrusion Detection System Deployment in Industrial Control Systems with Network Isolation

Nai Yu Chen, Pei Wen Chou, Jung Shian Li, I. Hsien Liu

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

2 Citations (Scopus)

Abstract

Deploying intrusion detection systems is a common cybersecurity measure, and intrusion detection systems typically operate at the ports of gateways. In critical infrastructure, industrial control systems often employ network isolation strategies, lacking the role of gateways. This research primarily explores the deployment of the Snort intrusion detection system in such an environment, combined with specific OT rules. Validation is conducted using the cybersecurity testbed of the dam control system established by TWISC@NCKU in Taiwan. The results indicate that by employing our proposed approach, it is possible to effectively detect abnormal network traffic, addressing the common issue of inadequate monitoring in environments with network isolation.

Original language	English
Title of host publication	Proceedings of The 2024 International Conference on Artificial Life and Robotics, ICAROB 2024
Editors	Yingmin Jia, Takao Ito, Ju-Jang Lee
Publisher	ALife Robotics Corporation Ltd
Pages	30-33
Number of pages	4
ISBN (Print)	9784991333705
DOIs	https://doi.org/10.5954/icarob.2024.os1-5
Publication status	Published - 2024
Event	29th International Conference on Artificial Life and Robotics, ICAROB 2024 - Oita, Japan Duration: 2024 Feb 22 → 2024 Feb 25

Publication series

Name	Proceedings of International Conference on Artificial Life and Robotics
ISSN (Electronic)	2435-9157

Conference

Conference	29th International Conference on Artificial Life and Robotics, ICAROB 2024
Country/Territory	Japan
City	Oita
Period	24-02-22 → 24-02-25

All Science Journal Classification (ASJC) codes

Artificial Intelligence
Computer Vision and Pattern Recognition
Hardware and Architecture
Information Systems
Control and Systems Engineering
Electrical and Electronic Engineering
Modelling and Simulation

Access to Document

10.5954/icarob.2024.os1-5

Cite this

Chen, N. Y., Chou, P. W., Li, J. S., & Liu, I. H. (2024). A Case Study of Network-Based Intrusion Detection System Deployment in Industrial Control Systems with Network Isolation. In Y. Jia, T. Ito, & J.-J. Lee (Eds.), Proceedings of The 2024 International Conference on Artificial Life and Robotics, ICAROB 2024 (pp. 30-33). (Proceedings of International Conference on Artificial Life and Robotics). ALife Robotics Corporation Ltd. https://doi.org/10.5954/icarob.2024.os1-5

Chen, Nai Yu ; Chou, Pei Wen ; Li, Jung Shian et al. / A Case Study of Network-Based Intrusion Detection System Deployment in Industrial Control Systems with Network Isolation. Proceedings of The 2024 International Conference on Artificial Life and Robotics, ICAROB 2024. editor / Yingmin Jia ; Takao Ito ; Ju-Jang Lee. ALife Robotics Corporation Ltd, 2024. pp. 30-33 (Proceedings of International Conference on Artificial Life and Robotics).

@inproceedings{fcaf5130c2a04506b4b00b45ff09da00,

title = "A Case Study of Network-Based Intrusion Detection System Deployment in Industrial Control Systems with Network Isolation",

abstract = "Deploying intrusion detection systems is a common cybersecurity measure, and intrusion detection systems typically operate at the ports of gateways. In critical infrastructure, industrial control systems often employ network isolation strategies, lacking the role of gateways. This research primarily explores the deployment of the Snort intrusion detection system in such an environment, combined with specific OT rules. Validation is conducted using the cybersecurity testbed of the dam control system established by TWISC@NCKU in Taiwan. The results indicate that by employing our proposed approach, it is possible to effectively detect abnormal network traffic, addressing the common issue of inadequate monitoring in environments with network isolation.",

author = "Chen, {Nai Yu} and Chou, {Pei Wen} and Li, {Jung Shian} and Liu, {I. Hsien}",

note = "Publisher Copyright: {\textcopyright} The 2024 International Conference on Artificial Life and Robotics (ICAROB2024); 29th International Conference on Artificial Life and Robotics, ICAROB 2024 ; Conference date: 22-02-2024 Through 25-02-2024",

year = "2024",

doi = "10.5954/icarob.2024.os1-5",

language = "English",

isbn = "9784991333705",

series = "Proceedings of International Conference on Artificial Life and Robotics",

publisher = "ALife Robotics Corporation Ltd",

pages = "30--33",

editor = "Yingmin Jia and Takao Ito and Ju-Jang Lee",

booktitle = "Proceedings of The 2024 International Conference on Artificial Life and Robotics, ICAROB 2024",

}

Chen, NY, Chou, PW, Li, JS & Liu, IH 2024, A Case Study of Network-Based Intrusion Detection System Deployment in Industrial Control Systems with Network Isolation. in Y Jia, T Ito & J-J Lee (eds), Proceedings of The 2024 International Conference on Artificial Life and Robotics, ICAROB 2024. Proceedings of International Conference on Artificial Life and Robotics, ALife Robotics Corporation Ltd, pp. 30-33, 29th International Conference on Artificial Life and Robotics, ICAROB 2024, Oita, Japan, 24-02-22. https://doi.org/10.5954/icarob.2024.os1-5

A Case Study of Network-Based Intrusion Detection System Deployment in Industrial Control Systems with Network Isolation. / Chen, Nai Yu; Chou, Pei Wen; Li, Jung Shian et al.
Proceedings of The 2024 International Conference on Artificial Life and Robotics, ICAROB 2024. ed. / Yingmin Jia; Takao Ito; Ju-Jang Lee. ALife Robotics Corporation Ltd, 2024. p. 30-33 (Proceedings of International Conference on Artificial Life and Robotics).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - A Case Study of Network-Based Intrusion Detection System Deployment in Industrial Control Systems with Network Isolation

AU - Chen, Nai Yu

AU - Chou, Pei Wen

AU - Li, Jung Shian

AU - Liu, I. Hsien

N1 - Publisher Copyright: © The 2024 International Conference on Artificial Life and Robotics (ICAROB2024)

PY - 2024

Y1 - 2024

N2 - Deploying intrusion detection systems is a common cybersecurity measure, and intrusion detection systems typically operate at the ports of gateways. In critical infrastructure, industrial control systems often employ network isolation strategies, lacking the role of gateways. This research primarily explores the deployment of the Snort intrusion detection system in such an environment, combined with specific OT rules. Validation is conducted using the cybersecurity testbed of the dam control system established by TWISC@NCKU in Taiwan. The results indicate that by employing our proposed approach, it is possible to effectively detect abnormal network traffic, addressing the common issue of inadequate monitoring in environments with network isolation.

AB - Deploying intrusion detection systems is a common cybersecurity measure, and intrusion detection systems typically operate at the ports of gateways. In critical infrastructure, industrial control systems often employ network isolation strategies, lacking the role of gateways. This research primarily explores the deployment of the Snort intrusion detection system in such an environment, combined with specific OT rules. Validation is conducted using the cybersecurity testbed of the dam control system established by TWISC@NCKU in Taiwan. The results indicate that by employing our proposed approach, it is possible to effectively detect abnormal network traffic, addressing the common issue of inadequate monitoring in environments with network isolation.

UR - http://www.scopus.com/inward/record.url?scp=85190277363&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85190277363&partnerID=8YFLogxK

U2 - 10.5954/icarob.2024.os1-5

DO - 10.5954/icarob.2024.os1-5

M3 - Conference contribution

AN - SCOPUS:85190277363

SN - 9784991333705

T3 - Proceedings of International Conference on Artificial Life and Robotics

SP - 30

EP - 33

BT - Proceedings of The 2024 International Conference on Artificial Life and Robotics, ICAROB 2024

A2 - Jia, Yingmin

A2 - Ito, Takao

A2 - Lee, Ju-Jang

PB - ALife Robotics Corporation Ltd

T2 - 29th International Conference on Artificial Life and Robotics, ICAROB 2024

Y2 - 22 February 2024 through 25 February 2024

ER -

Chen NY, Chou PW, Li JS , Liu IH. A Case Study of Network-Based Intrusion Detection System Deployment in Industrial Control Systems with Network Isolation. In Jia Y, Ito T, Lee JJ, editors, Proceedings of The 2024 International Conference on Artificial Life and Robotics, ICAROB 2024. ALife Robotics Corporation Ltd. 2024. p. 30-33. (Proceedings of International Conference on Artificial Life and Robotics). doi: 10.5954/icarob.2024.os1-5

A Case Study of Network-Based Intrusion Detection System Deployment in Industrial Control Systems with Network Isolation

Abstract

Publication series

Conference

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Fingerprint

Cite this