For Publishers
DiscoveryMetadataPeer reviewHostingPublishing
For Researchers
JoinPublishReviewCollect
Register
Blog
About
Search
Advanced search
My ScienceOpen
Search
For Publishers
For Researchers
Blog
About
2,079
views
4
references
 Top references
cited by
0
    
0 reviews
 Review
0
comments
 Comment
1
recommends
+1 Recommend
1 collections
    11
    shares
      553
      similar
       All similar

      Celebrating 65 years of The Computer Journal - free-to-read perspectives - bcs.org/tcj65

      scite_
       
      • Record: found
      • Abstract: found
      • Conference Proceedings: found
      Is Open Access

      Industrial Control System Defence: Debugging ICS Maintenance Network Traffic

      proceedings-article
      Author(s):   , , , ,
      Publication date (Print):
      Conference name: 6th International Symposium for ICS & SCADA Cyber Security Research 2019 (ICS-CSR)
      Conference theme: Cyber Security Research
      Conference date: 10th-12th September 2019
      Keywords: Network Security, Industrial Control System, Machine Learning, Maintenance, Cyber Defence
      Bookmark

            Abstract

            Industrial Control System (ICS) third-party maintenance introduces security risk into an organisation, as access is granted for performance of named maintenance tasks on industrial equipment, but there is currently no fine-grained way to monitor the activity. This paper applies Machine Learning to ICS network traffic, in order to alert operational staff to unauthorised activity. The work describes a method for identifying deviations, by characterising network traffic purpose, and applying software to dissect, learn and monitor maintenance traffic, then presenting results in a chart.

            Content

            Author and article information

            Contributors
            Angela Smith
            Conference
            Publication date: September 2019
            Publication date (Print): September 2019
            Pages: 11-20
            Affiliations
            [0001]Cyber Security Architecture, Innovation and Scouting

            Airbus, Quadrant House, Celtic Springs Business Park, Duffryn, Newport NP10 8FZ

            www.airbus.com/cyber-innovation
            Article
            DOI: 10.14236/ewic/icscsr19.2
            SO-VID: b34eb8c3-2114-4940-bb4d-35755459d2d5
            Copyright © © Angela Smith et al. Published by BCS Learning and Development Ltd. 6th International Symposium for ICS & SCADA Cyber Security Research 2019
            License:

            This work is licensed under a Creative Commons Attribution 4.0 Unported License. To view a copy of this license, visit http://creativecommons.org/licenses/by/4.0/

            Conference name: 6th International Symposium for ICS & SCADA Cyber Security Research 2019
            Conference acronym: ICS-CSR
            Conference number: 6
            Conference location: Athens, Greece
            Conference date: 10th-12th September 2019
            Conference sponsor: Electronic Workshops in Computing (eWiC)
            Conference theme: Cyber Security Research
            History
            Product

            1477-9358 BCS Learning & Development

            Self URI (article page): https://www.scienceopen.com/hosted-document?doi=10.14236/ewic/icscsr19.2
            Self URI (journal page): https://ewic.bcs.org/
            Categories
            Series title: Electronic Workshops in Computing

            ScienceOpen disciplines: Applied computer science,Computer science,Security & Cryptology,Graphics & Multimedia design,General computer science,Human-computer-interaction
            Keywords: Maintenance,Network Security,Cyber Defence,Machine Learning,Industrial Control System

            REFERENCES

            1. 2018 Embedding Encryption and Machine Learning Intrusion Prevention Systems on Programmable Logic Controllers IEEE Embedded Systems Letters 10 3 99 102 [Cross Ref] [Online]

            2. 2017 An Investigation into the Effectiveness of Machine Learning Techniques for Intrusion Detection. Arid Zone Journal of Engineering, Technology and Environment 13 764 778

            3. 2014 Mining network data for intrusion detection through combining SVMs with ant colony networks Future Generation Computer Systems 37 127 140 [Cross Ref] [Online]

            4. 2017 Multi-level Anomaly Detection in Industrial Control Systems via Package Signatures and LSTM Networks 2017 47th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN) Denver, CO, USA IEEE 261 272 [Cross Ref] [Online] 25 June 2019

            5. 2016 The WEKA Workbench. Data Mining: Practical Machine Learning Tools and Techniques, Fourth Edition Morgan Kaufman [Online]. Available at https://www.cs.waikato.ac.nz/ml/weka/Witten_et_al_2016_appendix.pdf 6 May 2019

            6. 2012 N-Gram against the Machine: On the Feasibility of the N-Gram Network Analysis for Binary Protocols Research in Attacks, Intrusions, and Defenses, Lecture Notes in Computer Science, Springer Berlin Heidelberg 354 373

            7. 2017 A Constraint-based intrusion detection system Proceedings of the Fifth European Conference on the Engineering of Computer-Based Systems - ECBS ’17 Larnaca, Cyprus ACM Press 1 10 [Cross Ref] [Online] 25 June 2019

            8. 2009 Dlib-ml: A Machine Learning Toolkit The Journal of Machine Learning Research 10 1 1755 1758

            9. 2013 Hackers Penetrate Google’s Building Management System [Online]. Available at https://www.greentechmedia.com/articles/read/hackers-penetrate-googles-building-management-system 9 February 2019

            10. 2015 Cyber Forensics in a Post Stuxnet World ITNOW 57 4 32 33 [Cross Ref] [Online]

            11. Office for National Statistics 2015 A Short Guide to the National Accounts Office for National Statistics [Online]. Available at http://www.ons.gov.uk/ons/guide-method/method-quality/specific/economy/national-accounts/articles/2011-present/uk-national-accounts—a-short-guide–2014.pdf 9 February 2019

            12. OMRON 2001 FINS Commands REFERENCE MANUAL OMRON [Online]. Available at https://www.myomron.com/downloads/1.Manuals/Networks/W227E12_FINS_Commands_Reference_Manual.pdf 27 April 2019

            13. OMRON 2009 SYSMAC CS and CJ Series CS1W-ETN21 (100Base-TX) CJ1WETN21 (100Base-TX) Ethernet Units Construction of Applications OPERATION MANUAL OMRON [Online]. Available at https://assets.omron.eu/downloads/manual/en/v2/w421_cj1w-etn21_cs1wetn21_ethernet_units_-_construction_of_applications_operation_manual_en.pdf

            14. 2011 Scikit-learn: Machine Learning in Python MACHINE LEARNING IN PYTHON 6

            15. Industrial Control Systems [Online]. Available at https://www.shodan.io/explore/category/industrial-control-systems 2 February 2019

            16. 2011 Make sense of third-party maintenance for your automatic welding system: working with third-party PM providers allows more focus on core competencies. Plant Engineering 65 49-

            17. 2008 Cissp: Certified Information Systems Security Professional Study Guide Fifth Indianapolis, UNITED STATES John Wiley & Sons, Incorporated (includes CD-ROM), [Online]. Available at http://ebookcentral.proquest.com/lib/open/detail.action?docID=353313 8 May 2019

            18. 2014 DEVELOPING CYBER FORENSICS FOR SCADA INDUSTRIAL CONTROL SYSTEMS The Society of Digital Information and Wireless Communication 98 111 [Online]. Available at https://www.researchgate.net/publication/266477470_Developing_Cyber_Forensics_for_SCADA_Industrial_Control_Systems 5 June 2017

            19. 2017 Towards a Novel Protocol Analysis Framework for Industrial Control Systems Smart Computing and Communication Springer, Cham 449 456 [Cross Ref] [Online] 6 May 2019

            20. 2019 Abnormal detection method of industrial control system based on behavior model Computers & Security 84 166 178 [Cross Ref] [Online]

            Comments

            Comment on this article