Measuring the Growth in Complexity of Models from Industrial Control Networks

Date

ORCID

Journal Title

Journal ISSN

Volume Title

Publisher

Institute of Electrical and Electronics Engineers Inc.

item.page.doi

Abstract

Profiling communication patterns between industrial devices is important for detecting anomalies and potential cyber-attacks. In this paper we do deep-packet inspection of various industrial protocols to generate models of communications between pairs of devices; in particular, we use two models (deterministic finite automata and discrete-time Markov chains) applied to three different industrial networks: (1) an electrical substation, (2) a small-scale water testbed, and (3) a large-scale water treatment facility. Overall these datasets represent a variety of industrial protocols, including EtherNet/IP, DNP3, and Modbus/TCP.

Description

Full text access from Treasures at UT Dallas is restricted to current UTD affiliates (use the provided Link to Article). All others may find the web address for this item in the full item record as "dc.relation.uri" metadata.

Keywords

Data integration (Computer science), Integrated circuits, Markov processes, Computer network protocols, Computer networks--Security measures, Sequential machine theory, Water treatment plants

item.page.sponsorship

NSF CNS-1718848

Rights

©2018 IEEE

Citation