Lyes Bayou, N. Cuppens-Boulahia, D. Espès, F. Cuppens
{"title":"基于cd的工业无线传感器网络入侵检测部署方案研究","authors":"Lyes Bayou, N. Cuppens-Boulahia, D. Espès, F. Cuppens","doi":"10.1109/ARES.2016.48","DOIUrl":null,"url":null,"abstract":"The use of wireless communication is a major trend in the so called Supervisory Control and Data Acquisition systems (SCADA). Consequently, Wireless Industrial Sensor Networks (WISN) were developed to meet real time and security requirements needed by SCADA systems. In term of security, WISN suffer from the same threats that those targeting classical WSN. Indeed, attackers mainly use wireless communication as a medium to launch these attacks. But as these networks are used to manage critical systems, consequences of such attacks can be more harmful. Therefore, additionally to the use of cryptographic and authentication mechanisms, Intrusion Detection Systems (IDS) are also used as a second line of defense. In this paper we propose an efficient IDS deployment scheme specially tailored to fit WISN characteristics. It builds a virtual wireless backbone that adds security purposes to the WISN. We also show that the proposed deployment scheme provides a good traffic monitoring capability with an acceptable number of monitoring nodes. It particularly allows detecting that a packet has been forged, deleted, modified or delayed during its transmission.","PeriodicalId":216417,"journal":{"name":"2016 11th International Conference on Availability, Reliability and Security (ARES)","volume":"78 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-08-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"12","resultStr":"{\"title\":\"Towards a CDS-based Intrusion Detection Deployment Scheme for Securing Industrial Wireless Sensor Networks\",\"authors\":\"Lyes Bayou, N. Cuppens-Boulahia, D. Espès, F. Cuppens\",\"doi\":\"10.1109/ARES.2016.48\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The use of wireless communication is a major trend in the so called Supervisory Control and Data Acquisition systems (SCADA). Consequently, Wireless Industrial Sensor Networks (WISN) were developed to meet real time and security requirements needed by SCADA systems. In term of security, WISN suffer from the same threats that those targeting classical WSN. Indeed, attackers mainly use wireless communication as a medium to launch these attacks. But as these networks are used to manage critical systems, consequences of such attacks can be more harmful. Therefore, additionally to the use of cryptographic and authentication mechanisms, Intrusion Detection Systems (IDS) are also used as a second line of defense. In this paper we propose an efficient IDS deployment scheme specially tailored to fit WISN characteristics. It builds a virtual wireless backbone that adds security purposes to the WISN. We also show that the proposed deployment scheme provides a good traffic monitoring capability with an acceptable number of monitoring nodes. It particularly allows detecting that a packet has been forged, deleted, modified or delayed during its transmission.\",\"PeriodicalId\":216417,\"journal\":{\"name\":\"2016 11th International Conference on Availability, Reliability and Security (ARES)\",\"volume\":\"78 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2016-08-31\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"12\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2016 11th International Conference on Availability, Reliability and Security (ARES)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ARES.2016.48\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 11th International Conference on Availability, Reliability and Security (ARES)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ARES.2016.48","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Towards a CDS-based Intrusion Detection Deployment Scheme for Securing Industrial Wireless Sensor Networks
The use of wireless communication is a major trend in the so called Supervisory Control and Data Acquisition systems (SCADA). Consequently, Wireless Industrial Sensor Networks (WISN) were developed to meet real time and security requirements needed by SCADA systems. In term of security, WISN suffer from the same threats that those targeting classical WSN. Indeed, attackers mainly use wireless communication as a medium to launch these attacks. But as these networks are used to manage critical systems, consequences of such attacks can be more harmful. Therefore, additionally to the use of cryptographic and authentication mechanisms, Intrusion Detection Systems (IDS) are also used as a second line of defense. In this paper we propose an efficient IDS deployment scheme specially tailored to fit WISN characteristics. It builds a virtual wireless backbone that adds security purposes to the WISN. We also show that the proposed deployment scheme provides a good traffic monitoring capability with an acceptable number of monitoring nodes. It particularly allows detecting that a packet has been forged, deleted, modified or delayed during its transmission.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
