Angriffserkennung für industrielle Netzwerke innerhalb des Projektes IUNO
It addresses cybersecurity risks in industrial networks for small and medium-sized enterprises, but appears incremental as it builds on existing project frameworks and focuses on prototyping.
The paper tackles the problem of securing industrial networks against emerging attack vectors due to increased connectivity, particularly for small and medium-sized enterprises, by developing and prototyping security solutions derived from use cases within the IUNO project, including a method for distributed network data collection as a prerequisite for anomaly detection.
The increasing interconnectivity of industrial networks is one of the central current hot topics. It is adressed by research institutes, as well as industry. In order to perform the fourth industrial revolution, a full connectivity between production facilities is necessary. Due to this connectivity, however, an abundance of new attack vectors emerges. In the National Reference Project for Industrial IT-Security (IUNO), these risks and threats are addressed and solutions are developed. These solutions are especially applicable for small and medium sized enterprises that have not as much means in staff as well as money as larger companies. These enterprises should be able to implement the solutions without much effort. The security solutions are derived from four use cases and implemented prototypically. A further topic of this work are the research areas of the German Research Center for Artificial Intelligence that address the given challenges, as well as the solutions developed in the context of IUNO. Aside from the project itself, a method for distributed network data collection aggregation is presented, as a prerequisite for anomaly detection for network security.