Future of Information and Communication Conference (FICC) 2024
4-5 April 2024
Publication Links
IJACSA
Special Issues
Future of Information and Communication Conference (FICC)
Computing Conference
Intelligent Systems Conference (IntelliSys)
Future Technologies Conference (FTC)
International Journal of Advanced Computer Science and Applications(IJACSA), Volume 14 Issue 6, 2023.
Abstract: Industrial control systems (ICS) play a crucial role in various industries and ensuring their security is paramount for maintaining process continuity and reliability. In ICS, the most damaging cyber-attacks often come from trusted insiders rather than external threats or malware. Insiders have the advantage of bypassing security measures and staying undetected. This research focuses on developing a real-time intrusion detection system for ICS workstations that effectively detects insider threats while prioritizing user privacy. The approach employs file integrity monitoring to identify suspicious activities, particularly file violations such as data tampering and destruction. The model presented in this research demonstrates low system resource consumption by utilizing an event-triggered approach instead of continuous polling of file data. The model leverages built-in operating system functions, eliminating the need for third-party software installation. To minimize disruptions to the ICS network, the model operates at the supervisory level within the ICS architecture. Through extensive testing, the model achieves a high level of accuracy, detecting insider intrusions with a high true positive rate. This reliable detection capability contributes to enhancing the security of ICS and mitigating the risks associated with insider threats. By implementing this real-time intrusion detection system, organizations can effectively protect their control systems while preserving user privacy.
Bakil Al-Muntaser, Mohamad Afendee Mohamed and Ammar Yaseen Tuama, “Real-Time Intrusion Detection of Insider Threats in Industrial Control System Workstations Through File Integrity Monitoring” International Journal of Advanced Computer Science and Applications(IJACSA), 14(6), 2023. http://dx.doi.org/10.14569/IJACSA.2023.0140636
@article{Al-Muntaser2023,
title = {Real-Time Intrusion Detection of Insider Threats in Industrial Control System Workstations Through File Integrity Monitoring},
journal = {International Journal of Advanced Computer Science and Applications},
doi = {10.14569/IJACSA.2023.0140636},
url = {http://dx.doi.org/10.14569/IJACSA.2023.0140636},
year = {2023},
publisher = {The Science and Information Organization},
volume = {14},
number = {6},
author = {Bakil Al-Muntaser and Mohamad Afendee Mohamed and Ammar Yaseen Tuama}
}
Copyright Statement: This is an open access article licensed under a Creative Commons Attribution 4.0 International License, which permits unrestricted use, distribution, and reproduction in any medium, even commercially as long as the original work is properly cited.