DEVELOPMENT OF MANAGEMENT COMPONENT IN PROCESSING SUBSYSTEM FOR INTRUSION DETECTION SYSTEM AT CYBER-PHYSICAL SYSTEM
Format: | Final Project |
---|---|
Language: | Indonesia |
Online Access: | https://digilib.itb.ac.id/gdl/view/74167 |
Institution: | Institut Teknologi Bandung |
Summary:

Cyber-Physical Systems (CPS) combine cyber computing with the physical world. CPS is widely used in critical large-scale applications, such as water flow control in dams and industrial control systems in various companies. Due to their safety-critical nature, attacks on CPS can have massive impacts. For example, the cyber-attack on the power grid in Ukraine resulted in 225,000 people experiencing a power outage. Building an Intrusion Detection System (IDS) for CPS is one solution to protect CPS from attacks.

An effective approach to building an IDS is anomaly-based detection with the assistance of machine learning. This approach identifies attacks based on anomalous events using machine learning techniques. However, one challenge in this approach is the handling of new attack cases since a learning model tends to be specific to a particular type of attack. To address this, a management component is built within the IDS to facilitate model switching, new model construction, and other configuration changes, enabling the IDS to adaptively handle various attacks.

The management component adopts an A/B testing approach to switch detection models, ensuring continuous protection of CPS by the IDS. To build new models, a separate service called the training service is established with ongoing control from the management component. The implementation of the management component has successfully realized an IDS that is adaptive to attacks. However, there are shortcomings that need to be addressed in future development, specifically the need for a more robust system architecture to avoid tightly coupling certain components.