A Novel IDS Securing Industrial Control System of Critical Infrastructure Using Deception Technology

IF 0.6 Q4 COMPUTER SCIENCE, INTERDISCIPLINARY APPLICATIONS
Shaobo Zhang, Yuhang Liu, Dequan Yang
International Journal of Digital Crime and Forensics. Journal Article. Publication date: 2022-07-01. DOI: 10.4018/ijdcf.302874 (https://doi.org/10.4018/ijdcf.302874)
Citations: 1

Abstract

A Novel IDS Securing Industrial Control System of Critical Infrastructure Using Deception Technology
The Industrial Control System (ICS) has become the key concept in the modern industrial world, enabling process monitoring and system control for general industrial systems and critical infrastructures. High-skilled hackers can invade an imperfect ICS by existing vulnerabilities without much effort. Conventional defenses (such as encryption and firewall) to keep invaders away are getting less and less effective when an attack is carried out by exploiting an array of particular vulnerabilities. Under this circumstance, a new-type intrusion detection system (IDS) based on deception strategy using honeypot technique is proposed, which is of dramatic effectiveness in protecting ICSs of critical infrastructures. In this honeypot-based model, we capture malicious Internet flows and system operations. We analyze the collected data before alerting and preventing the intrusion alike when it affects the system in the future. This paper deals with the model's concept, architecture, deployment, and what else can be achieved in the field of Critical Infrastructure Cybersecurity (CIC).
Source journal
International Journal of Digital Crime and Forensics (COMPUTER SCIENCE, INTERDISCIPLINARY APPLICATIONS)
CiteScore: 2.70
Self-citation rate: 0.00%
Articles published: 15