      Is Open Access

      Industrial Control System Defence: Debugging ICS Maintenance Network Traffic

      proceedings-article


      6th International Symposium for ICS & SCADA Cyber Security Research 2019 (ICS-CSR)

      Cyber Security Research

      10th-12th September 2019

      Network Security, Industrial Control System, Machine Learning, Maintenance, Cyber Defence


            Abstract

            Industrial Control System (ICS) third-party maintenance introduces security risk into an organisation, as access is granted for performance of named maintenance tasks on industrial equipment, but there is currently no fine-grained way to monitor the activity. This paper applies Machine Learning to ICS network traffic, in order to alert operational staff to unauthorised activity. The work describes a method for identifying deviations, by characterising network traffic purpose, and applying software to dissect, learn and monitor maintenance traffic, then presenting results in a chart.


            Author and article information

            Contributors
            Conference
            September 2019
            : 11-20
            Affiliations
            [0001]Cyber Security Architecture, Innovation and Scouting

            Airbus, Quadrant House, Celtic Springs Business Park, Duffryn, Newport NP10 8FZ

            www.airbus.com/cyber-innovation
            Article
            10.14236/ewic/icscsr19.2
            b34eb8c3-2114-4940-bb4d-35755459d2d5
            © Angela Smith et al. Published by BCS Learning and Development Ltd. 6th International Symposium for ICS & SCADA Cyber Security Research 2019

            This work is licensed under a Creative Commons Attribution 4.0 Unported License. To view a copy of this license, visit http://creativecommons.org/licenses/by/4.0/

            Athens, Greece
            Electronic Workshops in Computing (eWiC)
            Product
            Product Information: 1477-9358, BCS Learning & Development
            Self URI (journal page): https://ewic.bcs.org/
            Categories
            Electronic Workshops in Computing

