Anomaly Detection in Industrial Networks: An Introduction

With the advent of 21st Century, we stepped into the fourth industrial revolution of cyber physical systems. The industrial components are modular and capable of taking decentralized decisions in real time. The processes can be virtualized and automated through inter-operable service oriented components connected in a network. Therefore, there is need of secured network systems and intrusion detection systems in order to detect network attacks. Use of machine learning for anomaly detection in industrial networks faces challenges which restricts its large-scale commercial deployment. A roadmap is proposed to overcome the challenges. Real world network traffic for an industrial production is generated by IT Security Laboratory at Fraunhofer IOSB. The various attack vectors can be implemented under these circumstances and an adaptive hybrid analysis would reduce the errors of an intrusion detection system. Alarm correlation could be performed for semantic descriptions of detected results to network operator.