TY - GEN
T1 - Intrusion Detection and Prevention in Industrial Internet of Things
T2 - 16th International Conference on Computational Intelligence in Security for Information Systems, CISIS 2023 and 14th International Conference on EUropean Transnational Education, ICEUTE 2023
AU - Jeffrey, Nicholas
AU - Tan, Qing
AU - Villar, José R.
N1 - Publisher Copyright:
© 2023, The Author(s), under exclusive license to Springer Nature Switzerland AG.
PY - 2023
Y1 - 2023
N2 - The Industrial Internet of Things (IIoT) brings the ubiquitous connectivity of the Internet of Things (IoT) to industrial processes, optimizing manufacturing and civil infrastructures with assorted “smart” technologies. This ubiquitous connectivity to industrial processes has increased the attack surface available to threat actors, with increasingly frequent cyber attacks on physical infrastructure resulting in significant economic and life safety consequences, due to service interruptions in power grids, oil distribution pipelines, etc. The difference between IoT and IIoT is largely one of degree, with the consequence of service interruptions to IoT (i.e., home automation) typically limited to mild inconvenience, while interruptions to IIoT environments (i.e., power grids) have more significant economic and life safety consequences. The field of Intrusion Detection Systems / Intrusion Prevention Systems (IDS/IPS) has traditionally focused on cyber components rather than physical components, which has resulted in threat detection capabilities in IIoT environments lagging behind their non-industrial counterparts, leading to increasingly frequent attacks by threat actors against critical infrastructure. This paper reviews the current state of IDS/IPS capabilities in industrial environments and compares the maturity and effectiveness to the more established IDS/IPS capabilities of non-industrial Information Technology (IT) networks. As a new contribution, this paper also identifies gaps in the existing research in the field, and maps selected challenges to potential solutions and/or opportunities for further research.
AB - The Industrial Internet of Things (IIoT) brings the ubiquitous connectivity of the Internet of Things (IoT) to industrial processes, optimizing manufacturing and civil infrastructures with assorted “smart” technologies. This ubiquitous connectivity to industrial processes has increased the attack surface available to threat actors, with increasingly frequent cyber attacks on physical infrastructure resulting in significant economic and life safety consequences, due to service interruptions in power grids, oil distribution pipelines, etc. The difference between IoT and IIoT is largely one of degree, with the consequence of service interruptions to IoT (i.e., home automation) typically limited to mild inconvenience, while interruptions to IIoT environments (i.e., power grids) have more significant economic and life safety consequences. The field of Intrusion Detection Systems / Intrusion Prevention Systems (IDS/IPS) has traditionally focused on cyber components rather than physical components, which has resulted in threat detection capabilities in IIoT environments lagging behind their non-industrial counterparts, leading to increasingly frequent attacks by threat actors against critical infrastructure. This paper reviews the current state of IDS/IPS capabilities in industrial environments and compares the maturity and effectiveness to the more established IDS/IPS capabilities of non-industrial Information Technology (IT) networks. As a new contribution, this paper also identifies gaps in the existing research in the field, and maps selected challenges to potential solutions and/or opportunities for further research.
KW - Cyber-Physical Systems
KW - IIoT
KW - Industrial Internet of Things
KW - Intrusion Detection
KW - Intrusion Prevention
UR - http://www.scopus.com/inward/record.url?scp=85171462347&partnerID=8YFLogxK
U2 - 10.1007/978-3-031-42519-6_4
DO - 10.1007/978-3-031-42519-6_4
M3 - Published Conference contribution
AN - SCOPUS:85171462347
SN - 9783031425189
T3 - Lecture Notes in Networks and Systems
SP - 37
EP - 48
BT - International Joint Conference 16th International Conference on Computational Intelligence in Security for Information Systems (CISIS 2023) 14th International Conference on EUropean Transnational Education (ICEUTE 2023) - Proceedings
A2 - García Bringas, Pablo
A2 - Pérez García, Hilde
A2 - Martínez de Pisón, Francisco Javier
A2 - Martínez Álvarez, Francisco
A2 - Troncoso Lora, Alicia
A2 - Herrero, Álvaro
A2 - Calvo Rolle, José Luis
A2 - Quintián, Héctor
A2 - Corchado, Emilio
Y2 - 5 September 2023 through 7 September 2023
ER -