Situational Awareness and Intrusion Detection for Building Automation Networks

Date: 
01/01/2018 to 31/12/2018

Smart buildings integrate physical and digital infrastructures in a Building Automation System (BAS), allowing devices to communicate with each other using network protocols. Such systems may be connected to the Internet, allowing attackers to exploit vulnerabilities on protocols and devices that can lead to economic loss or harm people.   Cyber-security is critical for smart buildings, but few solutions exist to improve the security of building networks. In smart buildings, we need a dynamic and accurate inventory of network devices, their characteristics, and threats they are exposed to. To the best of our knowledge, there is currently no solution that automatically and continuously identifies and characterizes BAS devices by monitoring the network. Intrusion Detection Systems (IDS) are categorized into specification-based (when detection rules are specified) and learning-based (when normal behavior is learned). Specification-based approaches for BAS use vendor-provided documents, which may not be available. Learning-based approaches adopt black-box machine learning techniques that provide little semantic information about anomalies. A white-box approach, which improves the actionability of alerts, has never been proposed for BAS networks.   This project aims to increase BAS network security using situational awareness (to identify security risks, e.g., vulnerable devices) and white-box intrusion detection (to find anomalous communication that may indicate attacks). To validate our work, we will use datasets collected from production environments and simulated in a lab facility.

Week: 
Tuesday, 11 December, 2018

News

SMESEC project Open Call for SMEs and SME associations
SMESEC has released an open call for SMEs and SME associations in order to validate SMESEC framework and at the same time improve their systems’ security.
 
SMESEC is inviting SMEs to participate in the validation of the SMESEC framework. By participating you not only have influence on the evaluation of the SMESEC framework, but also improve your own company security and get up to €20.000 of funds!

Future Events

CYBERUK 2019
24/04/2019 to 25/04/2019
Image:

CYBERUK is the UK government’s flagship cyber security event. Hosted by the National Cyber Security Centre (NCSC), it features world-class speakers, solutions and opportunities for interaction between the public and private sectors. You will be briefed on the evolving cyber threat and how we must respond as individuals and as a community to keep Britain safe in cyberspace.

CYBERUK 2019
24/04/2019 to 25/04/2019
Image:

Where: Scottish Event Campus (SEC), Glasgow
When: 24-25 April 2019
 
CYBERUK is the UK government’s flagship cyber security event. Hosted by the National Cyber Security Centre (NCSC), it features world-class speakers, solutions and opportunities for interaction between the public and private sectors. You will be briefed on the evolving cyber threat and how we must respond as individuals and as a community to keep Britain safe in cyberspace.