Abstract: Critical infrastructures are among the most important assets of any country in economic and financial terms, and they vary from country to country. For India, power and water supplies are some of the critical infrastructures that are controlled using industrial control systems (ICS). SCADA (supervisory control and data acquisition) systems play an important role in them. Recently they have become an attractive target for highly skilled and organized cyber attackers. In the past, a malware named Stuxnet targeted an industrial site in Iran, a uranium enrichment plant. It manipulated the set point at which the centrifuges were supposed to rotate, which changed the speed of the centrifuges without the knowledge of the plant operators. A recent power blackout in Ukraine's capital Kiev was caused by a cyber-attack, which blacked out the entire north zone of the capital.
These incidents have drawn our attention towards strengthening cybersecurity in critical infrastructure. For this we need persistent security systems that can defend against zero-day attacks. Signature-based IDS (Intrusion Detection Systems) can defend against known or defined attack types, but not against unknown or zero-day attacks. To cover those, we need intelligent intrusion detection systems that use deep learning techniques like neural networks.
This project involves:
- Development of a simulation environment of an industrial control system using Python, virtualization technology and the MODBUS TCP communication protocol.
- An anomaly-based IDS for ICS using an LSTM recurrent neural network, as these networks can learn the important patterns in the operation of the plant and forget the less important ones.
- Analysis of code injection attacks detected by the IDS.