Publications
Intrusion Detection Response using an Unsupervised Artificial Neural Network on a Single Board Computer for Building Control Resilience
The communications infrastructure for building automation systems was not originally designed to be resilient, and is susceptible to network attacks. Adversaries can exploit out-of-date legacy systems, insecure open protocols, exposure to the public internet, and outdated firmware to cause harm. To improve the defense strategies, significant efforts to provide defense through network detection have been conducted. However, the existing solutions require human intervention, such as analyst or an incident responder to investigate breaches and mitigate possible damages or data loss. Instead, this paper proposes an automated, device-level solution that can be deployed on a single board computer to effectively detect, and provide response strategies that deflect malicious signals and remediate infected devices when network-based cyber-attacks are successful. The solution monitors critical control networks, analyzes packet data, and actively detects and responds to attacks using an unsupervised artificial neural network.