Configuring an anomaly-based Network Intrusion Detection System for cybersecurity of an industrial system in the absence of information on networking infrastructure and programmed deterministic industrial process is challenging. Within the research work, different self-learning frameworks to analyze passively captured network traces from PROFINET-based industrial system for protocol-based and process behavior-based anomaly detection are developed, and evaluated on a real-world industrial system.
Configuring an anomaly-based Network Intrusion Detection System for cybersecurity of an industrial system in the absence of information on networking ...