Blog
About
Search
Advanced search

245
views
12
references
 Top references
1
cited by
 Most cited
    
0 reviews
 Review
0
comments
 Comment
0
recommends
+1 Recommend
1 collections
    4
    shares
      133
      similar
       All similar
      • Record: found
      • Abstract: found
      • Conference Proceedings: found
      Is Open Access

      A Practical flow white list approach for SCADA systems

      Author(s): , ,

      Publication date (Print):

      Conference name: 4th International Symposium for ICS & SCADA Cyber Security Research 2016 (ICS-CSR)

      Conference theme: Cyber Security Research

      Conference date: 23 - 25 August 2016

      Keywords: white listing, critical infrastructure protection, SCADA networks.

      Read this article at

      ScienceOpen
      Bookmark
          There is no author summary for this article yet. Authors can add summaries to their articles on ScienceOpen to make them more accessible to a non-specialist audience.

          Abstract

          The blatant vulnerability of industrial control systems, including those controlling critical infrastructure, is now well known. There is a need for immediately applicable security solutions that do not interfere with normal operations. Intrusion detection through flow white listing is an approach that can detect multiple components of modern attacks such as pivoting and command and control channels. However, the white list approach is not compatible with current black listbased IDS technology. This paper presents a practical approach for implementing flow white listing in SCADA system. The approach extracts a flow white list from a known good packet capture and inverts the decision logic to programmatically generate a rule set that can be consumed by a black list-based IDS. A performance evaluation shows that the approach is viable for SCADA systems, where the number of communication pairs is limited and traffic is mostly deterministic.

          Related collections

          Most cited references 12

          • Record: found
          • Abstract: not found
          • Conference Proceedings: not found

          Leveraging determinism in industrial control systems for advanced anomaly detection and reliable security configuration

           Hadeli Hadeli,  Ragnar Schierholz,  Markus Braendle (2009)
          Article 0 comments Cited 9 times – based on 0 reviews
            Bookmark
            • Record: found
            • Abstract: not found
            • Article: not found

            Flow whitelisting in SCADA networks

             Rafael Barbosa,  Ramin Sadre,  Aiko Pras (2013)
            Article 0 comments Cited 7 times – based on 0 reviews     Review now
              Bookmark
              • Record: found
              • Abstract: not found
              • Conference Proceedings: not found

              A first look into SCADA network traffic

               Rafael Barbosa,  R. Sadre,  A Pras (2012)
              Article 0 comments Cited 5 times – based on 0 reviews
                Bookmark
                All references

                Author and article information

                Contributors
                Antoine Lemay
                Jonathan Rochon
                José M. Fernandez
                Conference
                Publication date: October 2016
                Publication date (Print): October 2016
                Pages: 23-31
                Affiliations
                École Polytechnique de Montréal
                Article
                DOI: 10.14236/ewic/ICS2016.4
                Copyright statement: © Lemay et al. Published byLearning & Development LtdProceedings of the 4th International Symposium for ICS & SCADA Cyber Security Research 2016
                License:

                This work is licensed under a Creative Commons Attribution 4.0 Unported License. To view a copy of this license, visit http://creativecommons.org/licenses/by/4.0/

                Conference name: 4th International Symposium for ICS & SCADA Cyber Security Research 2016
                Conference acronym: ICS-CSR
                Conference number: 4
                Conference location: Queen’s Belfast University, UK
                Conference date: 23 - 25 August 2016
                Conference sponsor: Electronic Workshops in Computing (eWiC)
                Conference theme: Cyber Security Research
                Product
                Product Information: 1477-9358BCS Learning & Development
                Self URI (journal page): https://ewic.bcs.org/
                Categories
                Series title: Electronic Workshops in Computing

                Data availability:

                ScienceOpen disciplines: Applied computer science, Computer science, Security & Cryptology, Graphics & Multimedia design, General computer science, Human-computer-interaction

                Keywords: SCADA networks., white listing, critical infrastructure protection

                Comments

                Comment on this article