Exploiting System Model for Securing CPS: the Anomaly Based IDS Perspective

Riccardo Colelli, S. Panzieri, F. Pascucci
2018 IEEE 23rd International Conference on Emerging Technologies and Factory Automation (ETFA), pp. 1171-1174. Published 2018-09-01.
DOI: 10.1109/ETFA.2018.8502495 (https://doi.org/10.1109/ETFA.2018.8502495)
Citations: 5

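Abstract

Industrial control systems traditionally achieved security through isolation from the outside and the use of proprietary protocols for internal communication. This paradigm has changed with the advent of the Industrial Internet of Things, which foresees flexible and interconnected systems. In this contribution, the threats arising from this new approach are analyzed and a framework for identifying them is proposed. It is based on the common signature-based intrusion detection system developed in the information technology domain; however, to cope with the constraints of the operational technology domain, it exploits anomaly-based features. Specifically, it is able to analyze network traffic at the application layer by means of deep packet inspection, parsing the information carried by the proprietary protocols. Two different topologies are adopted to cope with legacy systems as well. A simple setup is considered to prove the effectiveness of the approach.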