Measuring the Growth in Complexity of Models from Industrial Control Networks
Date
ORCID
Journal Title
Journal ISSN
Volume Title
Publisher
Institute of Electrical and Electronics Engineers Inc.
item.page.doi
Abstract
Profiling communication patterns between industrial devices is important for detecting anomalies and potential cyber-attacks. In this paper we do deep-packet inspection of various industrial protocols to generate models of communications between pairs of devices; in particular, we use two models (deterministic finite automata and discrete-time Markov chains) applied to three different industrial networks: (1) an electrical substation, (2) a small-scale water testbed, and (3) a large-scale water treatment facility. Overall these datasets represent a variety of industrial protocols, including EtherNet/IP, DNP3, and Modbus/TCP.
Description
Full text access from Treasures at UT Dallas is restricted to current UTD affiliates (use the provided Link to Article). All others may find the web address for this item in the full item record as "dc.relation.uri" metadata.
Keywords
Data integration (Computer science), Integrated circuits, Markov processes, Computer network protocols, Computer networks--Security measures, Sequential machine theory, Water treatment plants
item.page.sponsorship
NSF CNS-1718848
Rights
©2018 IEEE