Measuring the Growth in Complexity of Models from Industrial Control Networks
Faisal, Mustafa Amir
Cárdenas, Alvaro A.
MetadataShow full item record
Profiling communication patterns between industrial devices is important for detecting anomalies and potential cyber-attacks. In this paper we do deep-packet inspection of various industrial protocols to generate models of communications between pairs of devices; in particular, we use two models (deterministic finite automata and discrete-time Markov chains) applied to three different industrial networks: (1) an electrical substation, (2) a small-scale water testbed, and (3) a large-scale water treatment facility. Overall these datasets represent a variety of industrial protocols, including EtherNet/IP, DNP3, and Modbus/TCP.
Full text access from Treasures at UT Dallas is restricted to current UTD affiliates (use the provided Link to Article). All others may find the web address for this item in the full item record as "dc.relation.uri" metadata.