Context aware intrusion detection for building automation systems

Zhiwen Pan*, Salim Hariri, Jesus Pacheco

*Autor correspondiente de este trabajo

Producción científica: Contribución a una revistaArtículorevisión exhaustiva

36 Citas (Scopus)


The Internet of Things (IoT) will connect not only computers and mobile devices, but also smart cities, buildings, and homes, as well as electrical grids, gas, and water networks, automobiles, airplanes, etc. IoT will lead to extensive interconnection between Building Automation Systems (BAS) communication protocols and the Internet. The connection to Internet and public networks increases significantly the risk of the BAS networks being attacked, since there's a significant lack of detection and defensive mechanisms for BAS networks. In this paper, we present a framework for a context-aware intrusion detection of a widely deployed Building Automation and Control network. We developed runtime models for service interactions and functionality patterns by modeling the heterogeneous information that is continuously acquired from building assets into a novel BAS context aware data structure. Our IDS performs anomaly based behavior analysis to accurately detect anomalous events triggered by cyber-attacks or any functional failure. An attack classification and severity analysis of detected attacks allow our IDS to automatically launch protective countermeasures. We evaluate our approach in the Smart Building testbed developed at the University of Arizona Center for Cloud and Autonomic Computing, by launching several cyber-attacks that exploit the generic vulnerabilities of BACnet protocol.

Idioma originalInglés
Páginas (desde-hasta)181-201
Número de páginas21
PublicaciónComputers and Security
EstadoPublicada - 1 ago. 2019
Publicado de forma externa

Nota bibliográfica

Publisher Copyright:
© 2019 Elsevier Ltd


Profundice en los temas de investigación de 'Context aware intrusion detection for building automation systems'. En conjunto forman una huella única.

Citar esto