Review of intrusion detection system in cyber‐physical system based networks: Characteristics, industrial protocols, attacks, data sets and challenges

Abstract

AbstractCyber‐Physical Systems (CPSs) provide critical infrastructure for the betterment of human lives thereby integrating cyber and physical components but the fusion of physical and digital components leads to an increase in the attack surface, which in turn provides opportunities for the attackers to intrude on these systems, which can affect the critical services like health care, water treatment facility, the electrical grid, hydropower plant, and so forth. The existing intrusion detection systems (IDSs) in CPSs are facing issues like poor detection accuracy, high false alarm rate and more computation time. Also, existing intrusion detection systems cannot identify new attacks that is, zero‐day assaults. Prerequisite exists for the design of the framework for detecting intrusions using artificial intelligence inspired approaches grounded on the principle of ensemble techniques. Intrusion detection framework assimilating ensemble‐based technique for CPS has been proposed. Since the proposed framework incorporates privileges of multiple techniques for intrusion detection and classification, hence the proposed framework may overcome the limitations of existing IDSs for CPS. Overview of cutting‐edge incursion identification methods for CPSs is presented. Several characteristics of CPS, industrial protocols, and anomaly detection techniques for intrusion detection are analyzed. Taxonomy of IDS for CPS has been proposed, taxonomy of attacks and threats on CPS has been intended. Research challenges for IDS in CPS are also uncovered from this review.