{"title":"一种具有冗余和入侵检测的网络防御工业控制系统","authors":"D. Robinson, Charles Kim","doi":"10.1109/NAPS.2017.8107186","DOIUrl":null,"url":null,"abstract":"Technological advancement of Industrial Control Systems (ICS) and control systems automation over the past decade has brought greater interconnections of the control components. Modern control communication systems such as ModbusTCP are based on open standards that leverage Ethernet to allow interoperability between solutions from different vendors. The enhanced exchange of information has, as a side effect, created cyber security vulnerabilities such as entry points for hackers. Network monitoring typically applied to corporate networks is rarely implemented for ICS networks and should be mandatory for critical systems. Defense-in-Depth (DiD) is a concept that built on the premise of early detection and providing alerts of intrusions to guarantee that defensive action is taken prior to the breach of any critical assets. This paper validates the new intrusion detection based cyberdefensive architecture by using a Raspberry Pi based ModbusTCP control system that enables simulation of cyber-attacks, and illustrates a mitigation measure with the added feature of Modbus monitoring using Snort.","PeriodicalId":296428,"journal":{"name":"2017 North American Power Symposium (NAPS)","volume":"172 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"7","resultStr":"{\"title\":\"A cyber-defensive industrial control system with redundancy and intrusion detection\",\"authors\":\"D. Robinson, Charles Kim\",\"doi\":\"10.1109/NAPS.2017.8107186\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Technological advancement of Industrial Control Systems (ICS) and control systems automation over the past decade has brought greater interconnections of the control components. Modern control communication systems such as ModbusTCP are based on open standards that leverage Ethernet to allow interoperability between solutions from different vendors. The enhanced exchange of information has, as a side effect, created cyber security vulnerabilities such as entry points for hackers. Network monitoring typically applied to corporate networks is rarely implemented for ICS networks and should be mandatory for critical systems. Defense-in-Depth (DiD) is a concept that built on the premise of early detection and providing alerts of intrusions to guarantee that defensive action is taken prior to the breach of any critical assets. This paper validates the new intrusion detection based cyberdefensive architecture by using a Raspberry Pi based ModbusTCP control system that enables simulation of cyber-attacks, and illustrates a mitigation measure with the added feature of Modbus monitoring using Snort.\",\"PeriodicalId\":296428,\"journal\":{\"name\":\"2017 North American Power Symposium (NAPS)\",\"volume\":\"172 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2017-09-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"7\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2017 North American Power Symposium (NAPS)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/NAPS.2017.8107186\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 North American Power Symposium (NAPS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/NAPS.2017.8107186","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A cyber-defensive industrial control system with redundancy and intrusion detection
Technological advancement of Industrial Control Systems (ICS) and control systems automation over the past decade has brought greater interconnections of the control components. Modern control communication systems such as ModbusTCP are based on open standards that leverage Ethernet to allow interoperability between solutions from different vendors. The enhanced exchange of information has, as a side effect, created cyber security vulnerabilities such as entry points for hackers. Network monitoring typically applied to corporate networks is rarely implemented for ICS networks and should be mandatory for critical systems. Defense-in-Depth (DiD) is a concept that built on the premise of early detection and providing alerts of intrusions to guarantee that defensive action is taken prior to the breach of any critical assets. This paper validates the new intrusion detection based cyberdefensive architecture by using a Raspberry Pi based ModbusTCP control system that enables simulation of cyber-attacks, and illustrates a mitigation measure with the added feature of Modbus monitoring using Snort.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
