Rule-based Anomaly Detection for Railway Signalling Networks

08/12/2020
by   Markus Heinrich, et al.
0

We propose a rule-based anomaly detection system for railway signalling that mitigates attacks by a Dolev-Yao attacker who is able to inject control commands and to perform semantic attacks. The system as well mitigates the effects of a compromised signal box that an attacker uses to issue licit but mistimed control messages. We consider an attacker that could cause train derailments and collisions, if our countermeasure is not employed. We apply safety principles of railway operation to a distributed anomaly detection system that inspects incoming commands on the signals and points. The proposed anomaly detection system detects all attacks of our model without producing false positives, while it requires only a small amount of overhead in terms of network communication and latency compared to normal train operation.

READ FULL TEXT

page 1

page 2

page 3

page 4

research
07/21/2021

Anomaly Detection via Self-organizing Map

Anomaly detection plays a key role in industrial manufacturing for produ...
research
08/22/2022

An anomaly detection approach for backdoored neural networks: face recognition as a case study

Backdoor attacks allow an attacker to embed functionality jeopardizing p...
research
09/25/2018

A Framework for Data-Driven Physical Security and Insider Threat Detection

This paper presents PS0, an ontological framework and a methodology for ...
research
11/12/2019

Anomaly Detection for Industrial Control Systems Using Sequence-to-Sequence Neural Networks

This study proposes an anomaly detection method for operational data of ...
research
07/01/2022

Ontology-Based Anomaly Detection for Air Traffic Control Systems

The Automatic Dependent Surveillance-Broadcast (ADS-B) protocol is incre...
research
02/05/2023

Towards Scalable EM-based Anomaly Detection For Embedded Devices Through Synthetic Fingerprinting

Embedded devices are omnipresent in modern networks including the ones o...
research
06/08/2010

The DCA:SOMe Comparison A comparative study between two biologically-inspired algorithms

The Dendritic Cell Algorithm (DCA) is an immune-inspired algorithm, deve...

Please sign up or login with your details

Forgot password? Click here to reset