• DocumentCode
    182008
  • Title

    Network Security Analysis Using Behavior History Graph

  • Author

    Sailio, Mirko ; Mantere, Matti ; Noponen, Sami

  • Author_Institution
    VTT (Tech. Res. Centre of Finland), Espoo, Finland
  • fYear
    2014
  • fDate
    8-12 Sept. 2014
  • Firstpage
    199
  • Lastpage
    206
  • Abstract
    Industrial control system networks are responsible for the operation of critically important functions of modern societies. In this paper we describe a highly distributable technique with low hardware requirements for mapping the typical network behavior of such stable networks. We propose that this technique is able to detect multiple wide-ranging attack scenarios threatening these networks. We then proceed to test the technique's hypothesized advantages using an industrial control system network of a real-world experimental pilot factory. The results for this technique are promising, with the achievement of predicted 100% detection rate for both real and simulated behavior changes in the testing material.
  • Keywords
    industrial control; telecommunication security; behavior history graph; industrial control system networks; multiple wide ranging attack scenarios; network security analysis; simulated behavior; stable networks; testing material; typical network behavior; Monitoring; Portable computers; Printing; Production facilities; Protocols; Prototypes; Security; ICS security; network security behavior;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Availability, Reliability and Security (ARES), 2014 Ninth International Conference on
  • Conference_Location
    Fribourg
  • Type

    conf

  • DOI
    10.1109/ARES.2014.34
  • Filename
    6980283