W. Jung, Sung-Min Kim, Young-Hoon Goo, Myung-Sup Kim
{"title":"用结构化ACL模型表示SCADA系统中FTP服务的白名单","authors":"W. Jung, Sung-Min Kim, Young-Hoon Goo, Myung-Sup Kim","doi":"10.1109/APNOMS.2016.7737251","DOIUrl":null,"url":null,"abstract":"Due to recent integration of SCADA systems with business systems, SCADA systems became open(unprotected), leading to not only security vulnerabilities increase but also sophisticated and intelligent cyber-attacks specifically targeting SCADA systems. A whitelist based security control technique that has attracted a lot of attention, is an emerging systems control, currently can be applied to solve security problems of the SCADA system. Most of the current security techniques for systems control based on whitelist, use static ACL model. But the static ACL model has limitations in use of ANY-ANY rule which is the only way to express communications using dynamic server port and express ranges of communication features in a control device. In this paper, we propose an structured ACL model to represent an FTP service to overcome the problem of dynamice server port in passive FTP. We demonstrate the feasibility of the proposed model in this paper by applying the FTP features extraction algorithm to FTP traffic.","PeriodicalId":194123,"journal":{"name":"2016 18th Asia-Pacific Network Operations and Management Symposium (APNOMS)","volume":"34 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":"{\"title\":\"Whitelist representation for FTP service in SCADA system by using structured ACL model\",\"authors\":\"W. Jung, Sung-Min Kim, Young-Hoon Goo, Myung-Sup Kim\",\"doi\":\"10.1109/APNOMS.2016.7737251\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Due to recent integration of SCADA systems with business systems, SCADA systems became open(unprotected), leading to not only security vulnerabilities increase but also sophisticated and intelligent cyber-attacks specifically targeting SCADA systems. A whitelist based security control technique that has attracted a lot of attention, is an emerging systems control, currently can be applied to solve security problems of the SCADA system. Most of the current security techniques for systems control based on whitelist, use static ACL model. But the static ACL model has limitations in use of ANY-ANY rule which is the only way to express communications using dynamic server port and express ranges of communication features in a control device. In this paper, we propose an structured ACL model to represent an FTP service to overcome the problem of dynamice server port in passive FTP. We demonstrate the feasibility of the proposed model in this paper by applying the FTP features extraction algorithm to FTP traffic.\",\"PeriodicalId\":194123,\"journal\":{\"name\":\"2016 18th Asia-Pacific Network Operations and Management Symposium (APNOMS)\",\"volume\":\"34 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2016-10-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"4\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2016 18th Asia-Pacific Network Operations and Management Symposium (APNOMS)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/APNOMS.2016.7737251\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 18th Asia-Pacific Network Operations and Management Symposium (APNOMS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/APNOMS.2016.7737251","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Whitelist representation for FTP service in SCADA system by using structured ACL model
Due to recent integration of SCADA systems with business systems, SCADA systems became open(unprotected), leading to not only security vulnerabilities increase but also sophisticated and intelligent cyber-attacks specifically targeting SCADA systems. A whitelist based security control technique that has attracted a lot of attention, is an emerging systems control, currently can be applied to solve security problems of the SCADA system. Most of the current security techniques for systems control based on whitelist, use static ACL model. But the static ACL model has limitations in use of ANY-ANY rule which is the only way to express communications using dynamic server port and express ranges of communication features in a control device. In this paper, we propose an structured ACL model to represent an FTP service to overcome the problem of dynamice server port in passive FTP. We demonstrate the feasibility of the proposed model in this paper by applying the FTP features extraction algorithm to FTP traffic.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
