مرکز منطقه ای اطلاع رساني علوم و فناوري - Designing snort rules to detect abnormal DNP3 network data

DocumentCode :

3698822

Title :

Designing snort rules to detect abnormal DNP3 network data

Author :

Hao Li; Guangjie Liu; Weiwei Jiang; Yuewei Dai

Author_Institution :

School of Automation, Nanjing University of Science and Technology, China

fYear :

2015

Firstpage :

343

Lastpage :

348

Abstract :

Vulnerability of industrial control network communication protocol is the most important reason leading to industrial control network attacks. In this paper, the vulnerability of DNP3, the typical industrial control network communication protocol, is analyzed. The abnormal behaviors of DNP3 are categorized according to the Snort detection mechanisms. The Snort detection rule template for anomaly DNP3 data is constructed and the rules are designed according the template. The rule designing method can be generally extended to other network-based industrial control protocols.

Keywords :

"Protocols","Industrial control","Servers","Arrays","Intrusion detection","Computer crime"

Publisher :

ieee

Conference_Titel :

Control, Automation and Information Sciences (ICCAIS), 2015 International Conference on

Type :

conf

DOI :

10.1109/ICCAIS.2015.7338690

Filename :

7338690

Link To Document :

https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=3698822