Ontological representation of networks for IDS in cyber-physical systems

Abstract

Cyber-Physical System (CPSs) combine information and communication technologies and means controlling physical objects. Modern infrastructure objects such as electrical grids, smart-cities, etc. represent complex CPSs consisting of multiple interconnected software and hardware complexes. The software contained in them requires development, support, and in case of updates termination can be the target for malicious attacks. To prevent intrusion into networks of cyber-physical objects one can use Intrusion-Detection System (IDS) that are widely used in existing noncyber-physical networks. CPSs are characterized by formalization and determinacy and it allows to apply a specificationbased approach for IDS development. This paper is devoted to IDS development using the ontology-based representation of networks. This representation allows to implement both at the software level-by means of comparing movement of network traffic with its model, and at the physical level-by means of controlling connections of network devices. Ontological representation provides a model of network which is used for creation specifications for IDS.