Threat Hunting in Industrial Control Systems

July 23rd, 2021

Speaker: Dr. Zahra Jadidi

 

Recording link: https://webcast.csiro.au/#/webcasts/threathunting

Slides: Slides-Zahra QUT

Date Time: 10 June 2021 3pm-4pm AEST

Title: Threat Hunting in Industrial Control Systems

Abstract: An Industrial Control System (ICS) adversary often takes different actions to exploit vulnerabilities, cross the border between Information Technology (IT) and Operational Technology (OT) networks, and launch a targeted attack against OT networks. Detecting these threat actions in the early phases, before the final stage of an attack can be executed against industrial endpoints, can help prevent adversaries from achieving their goals. Threat hunting in IT networks has been studied previously, and several hunting methods have been proposed. However, these methods are not sufficient for ICSs, as the integration of industrial legacy systems with advanced IT networks has introduced new types of vulnerabilities and changed the behaviour of attacks. A unified hunting solution for these integrated IT and OT networks will be discussed in this seminar. The seminar will be about an ICS Threat Hunting Framework which focuses on detecting cyber threats against ICS devices in the earliest stages of the attack lifecycle.

Bio: Dr. Zahra Jadidi is a research fellow in Cybersecurity at Queensland University of Technology.  
Zahra received her PhD degree in network security from Griffith University in 2016. In her PhD research, she proposed an automated solution to detect anomalies in high-speed networks using NetFlow traffic. Zahra has a Master of Electrical Engineering, and her Master's thesis was also in network security.  
She worked as a research fellow at Griffith University from 2016 to 2019, and participated in various projects on artificial intelligence-based analysis of data received from remote sensors.
Zahra has about 15 years of research and teaching experience in the networking and security area. She also has 12 years of industrial experience in the networking area.