      Is Open Access

      A Two-level Intrusion Detection System for Industrial Control System Networks using P4

      1 , 1

      5th International Symposium for ICS & SCADA Cyber Security Research 2018 (ICS-CSR 2018)

      ICS & SCADA Cyber Security Research

      29 - 30 August 2018

          Abstract

          The increasing number of attacks against Industrial Control Systems (ICS) has shown the vulnerability of these systems. Many ICS network protocols have no security mechanism, and the requirements for high availability and real-time communication make it challenging to apply intrusive security measures. In this paper, we propose a two-level intrusion detection system for ICS networks based on Software Defined Networking (SDN). The first level consists of flow and Modbus whitelists, leveraging P4 for efficient real-time monitoring. The second level is a deep packet inspector communicating with an SDN controller to update the whitelists of the first level. We show by experiments in an emulated environment that our design has only a small impact on communication latencies in the ICS and is efficient against Modbus/TCP oriented attacks.

                Author and article information

                Contributors
                Conference
                August 2018
                Pages: 31-40
                Affiliations
                [1] Université Catholique de Louvain, Belgium
                Article
                10.14236/ewic/ICS2018.4
                © Ndonda et al. Published by BCS Learning and Development Ltd. Proceedings of ICS & SCADA 2018

                This work is licensed under a Creative Commons Attribution 4.0 Unported License. To view a copy of this license, visit http://creativecommons.org/licenses/by/4.0/

                5th International Symposium for ICS & SCADA Cyber Security Research 2018
                ICS-CSR 2018
                5
                University of Hamburg, Germany
                29 - 30 August 2018
                Electronic Workshops in Computing (eWiC)
                ICS & SCADA Cyber Security Research
                Product
                Product Information: 1477-9358, BCS Learning & Development
                Self URI (journal page): https://ewic.bcs.org/
                Categories
                Electronic Workshops in Computing
