Angriffserkennung f\"ur industrielle Netzwerke innerhalb des Projektes IUNO

TL;DR

This paper discusses the development of security solutions for industrial networks within the IUNO project, focusing on attack detection, especially for small and medium enterprises, and introduces a distributed data collection method for anomaly detection.

Contribution

It presents novel security solutions derived from four use cases and a new method for distributed network data collection for anomaly detection in industrial networks.

Findings

Prototypical implementation of security solutions for industrial networks.

A new distributed data collection method for anomaly detection.

Addressing security challenges for small and medium enterprises.

Abstract

The increasing interconnectivity of industrial networks is one of the central current hot topics. It is adressed by research institutes, as well as industry. In order to perform the fourth industrial revolution, a full connectivity between production facilities is necessary. Due to this connectivity, however, an abundance of new attack vectors emerges. In the National Reference Project for Industrial IT-Security (IUNO), these risks and threats are addressed and solutions are developed. These solutions are especially applicable for small and medium sized enterprises that have not as much means in staff as well as money as larger companies. These enterprises should be able to implement the solutions without much effort. The security solutions are derived from four use cases and implemented prototypically. A further topic of this work are the research areas of the German Research Center for Artificial Intelligence that address the given challenges, as well as the solutions developed in the context of IUNO. Aside from the project itself, a method for distributed network data collection aggregation is presented, as a prerequisite for anomaly detection for network security.