Proactive Detection of Zero-Day Vulnerabilities in Industrial Control Systems Through Baseline Configuration Monitoring

Proactive Detection of Zero-Day Vulnerabilities in Industrial Control Systems Through Baseline Configuration Monitoring

연구 분야: Strategies

학회: 2024 International Conference on IT Innovation and Knowledge Discovery (ITIKD)

Industrial Control Systems (ICS) are vital to critical infrastructure, making their cybersecurity essential. This paper addresses the challenge of detecting zero-day vulnerabilities in ICS environments, where timely patching is critical to prevent disruption. “Baseline Configuration Checker,” a software tool designed by the authors to proactively identify deviations in Windows service configurations against vendor-defined baselines. Through real-time comparison and analysis of service attributes, the engine enables the detection of potential vulnerabilities introduced by misconfigurations or unauthorized modifications. Evaluation in a controlled ICS lab environment demonstrates the engine's high accuracy in detecting deviations, facilitating proactive vulnerability management and enhancing ICS security.