- Library Home /
- Search Collections /
- Open Collections /
- Browse Collections /
- UBC Theses and Dissertations /
- CORGIDS : a correlation-based generic intrusion detection...
Open Collections
UBC Theses and Dissertations
UBC Theses and Dissertations
CORGIDS : a correlation-based generic intrusion detection system Aggarwal, Ekta
Abstract
Cyber-Physical Systems (CPS) consist of software and physical components which collaborate and interact with each other continuously. CPS deployed in security critical scenarios such as medical devices, autonomous cars, and smart homes have been targets of security attacks due to their safety-critical nature and relative lack of protection. Anomaly-based Intrusion Detection System (IDS) using data, temporal, and logical correlations have been proposed in the past. But none of the approaches except the ones using logical correlations take into account the main ingredient in the operation of CPS, namely the use of physical properties. On the other hand, IDS that use physical properties either require the developer to define invariants manually or have designed their IDS for a specific CPS. This study proposes a Correlation-based Generic Intrusion Detection System (CORGIDS), a generic IDS capable of detecting security attacks by inferring the logical correlations of the physical properties of a CPS, and checking if they adhere to the predefined framework. A CORGIDS-based prototype is built and used for detecting attacks on two example CPSs - Unmanned Aerial Vehicle (UAV) and Smart Artificial Pancreas (SAP). It is found that CORGIDS achieves a precision of 95.70%, and a recall of 87.90%, while detecting attacks with modest memory and performance overheads.
Item Metadata
| Title |
CORGIDS : a correlation-based generic intrusion detection system
|
| Creator | |
| Publisher |
University of British Columbia
|
| Date Issued |
2019
|
| Description |
Cyber-Physical Systems (CPS) consist of software and physical components which collaborate and interact with each other continuously. CPS deployed in security critical scenarios such as medical devices, autonomous cars, and smart homes have been targets of security attacks due to their safety-critical nature and relative lack of protection. Anomaly-based Intrusion Detection System (IDS) using data, temporal, and logical correlations have been proposed in the past. But none of the approaches except the ones using logical correlations take into account the main
ingredient in the operation of CPS, namely the use of physical properties. On the other hand, IDS that use physical properties either require the developer to define invariants manually or have designed their IDS for a specific CPS. This study proposes a Correlation-based Generic Intrusion Detection System (CORGIDS), a generic IDS capable of detecting security attacks by inferring the logical correlations of the physical properties of a CPS, and checking if they adhere to the predefined framework. A CORGIDS-based prototype is built and used for detecting attacks on two example CPSs - Unmanned Aerial Vehicle (UAV) and Smart Artificial Pancreas (SAP). It is found that CORGIDS achieves a precision of 95.70%, and a recall of 87.90%, while detecting attacks with modest memory and performance overheads.
|
| Genre | |
| Type | |
| Language |
eng
|
| Date Available |
2019-04-17
|
| Provider |
Vancouver : University of British Columbia Library
|
| Rights |
Attribution-NonCommercial-NoDerivatives 4.0 International
|
| DOI |
10.14288/1.0378283
|
| URI | |
| Degree | |
| Program | |
| Affiliation | |
| Degree Grantor |
University of British Columbia
|
| Graduation Date |
2019-05
|
| Campus | |
| Scholarly Level |
Graduate
|
| Rights URI | |
| Aggregated Source Repository |
DSpace
|
Item Media
Item Citations and Data
Rights
Attribution-NonCommercial-NoDerivatives 4.0 International