Poster: Facilitating Protocol-independent Industrial Intrusion Detection Systems


Cyber-physical systems are increasingly threatened by sophisticated attackers, also attacking the physical aspect of systems. Supplementing protective measures, industrial intrusion detection systems promise to detect such attacks. However, due to industrial protocol diversity and lack of standard interfaces, great efforts are required to adapt these technologies to a large number of different protocols. To address this issue, we identify existing universally applicable intrusion detection approaches and propose a transcription for industrial protocols to realize protocol-independent semantic intrusion detection on top of different industrial protocols.

Conference paper
In Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security (ACM CCS'20)