xmlui.dri2xhtml.METS-1.0.item-share
Save the reference
Title
Latentziarik gabeko sareko identifikatzaileen aleatorizazioa kontrol industrialerako sistemetan proaktiboki errekonozimendu erasoak mitigatzeko
Version
http://purl.org/coar/version/c_970fb48d4fbd8a85
Rights
© 2023 EgileakAccess
http://purl.org/coar/access_right/c_abf2Publisher’s version
https://doi.org/10.26876/ikergazte.v.03.07Published at
V. Ikergazte. Nazioarteko ikerketa euskaraz. Kongresuko artikulu bilduma. Ingeniaritza eta Arkitektura Pp. 55-62. Donostia, 17-19 mayo 2023Publisher
UEUKeywords
Zibersegurtasun industriala
Software bidez definitutako sareak
Moving Target Defense
Erasoen defentsa proaktiboa ... [+]
Software bidez definitutako sareak
Moving Target Defense
Erasoen defentsa proaktiboa ... [+]
Zibersegurtasun industriala
Software bidez definitutako sareak
Moving Target Defense
Erasoen defentsa proaktiboa
Industrial cybersecurity
Software defined networking
Moving Target Defense
Proactive intrusion response [-]
Software bidez definitutako sareak
Moving Target Defense
Erasoen defentsa proaktiboa
Industrial cybersecurity
Software defined networking
Moving Target Defense
Proactive intrusion response [-]
Abstract
Kontrol industrialerako sistemak askotariko instalazio industrialetan erabiltzen dira, azpiegitura kritikoetan barne, segurtasun-eraso anitzen helburu nagusi bihurtuz. Sare industrialen konfigurazio e ... [+]
Kontrol industrialerako sistemak askotariko instalazio industrialetan erabiltzen dira, azpiegitura kritikoetan barne, segurtasun-eraso anitzen helburu nagusi bihurtuz. Sare industrialen konfigurazio eta topologia estatikoek, abantaila bat suposatzen dute erasotzaileentzat, erasoa egin aurretik gailu edo zerbitzu ahulak eskaneatzeko aukera ematen baitiete. Artikulu honek IP helbide, MAC helbide eta portu zenbakien aleatorizazioan oinarritutako errekonozimendu erasoen aurkako defentsa proaktibo bat aurkezten du. Lortutako informazioaren distortsioak erasotzaileek lortutako ezagutza gutxitzen du, sareko helbidean oinarritzen den edozein eraso oztopatuz. Sareko identifikatzaileen aleatorizazioa modu moldagarrian egiten da, sarean sartutako gainkarga minimizatuz eta komunikazioetan edozein errore eta latentzia saihestuz. Inplementazioa eta probak benetako ekipamendu industrialarekin gauzatu dira, aurkeztutako soluzioaren eraginkortasuna frogatuz. [-]
Industrial Control Systems are used in a wide variety of industrial facilities, including critical infrastructures, becoming the main target of multiple security attacks. Static networks configuration ... [+]
Industrial Control Systems are used in a wide variety of industrial facilities, including critical infrastructures, becoming the main target of multiple security attacks. Static networks configurations and topologies, which characterize Industrial Control Systems, represent an advantage for attackers, allowing them to scan for vulnerable devices or services before carrying out the attack. This paper presents a proactive network reconnaissance defense mechanism based on the temporal randomization of network IP addresses, MAC addresses and port numbers. The obtained information distortion minimizes the knowledge acquired by the attackers, hindering any attack that relies on network addressing. The temporal randomization of network attributes is performed in an adaptive way, minimizing the overhead introduced in the network and avoiding any error and latency in communications. The implementation as well as the tests have been carried out in a laboratory with real industrial equipment, demonstrating the effectiveness of the presented solution. [-]
xmlui.dri2xhtml.METS-1.0.item-oaire-funderName
Eusko Jaurlaritza = Gobierno VascoGipuzkoako Foru Aldundia = Diputación Foral de Gipuzkoa
xmlui.dri2xhtml.METS-1.0.item-oaire-fundingStream
Ikertalde Convocatoria 2022-2025Programa de apoyo a la Red guipuzcoana de Ciencia, Tecnología e Innovación
xmlui.dri2xhtml.METS-1.0.item-oaire-awardNumber
IT1676-222022-CIEN-000065-01
xmlui.dri2xhtml.METS-1.0.item-oaire-awardURI
Sin informaciónSin información
xmlui.dri2xhtml.METS-1.0.item-oaire-awardTitle
Grupo de sistemas inteligentes para sistemas industrialesGauza industrial ziberseguruak hodei ziberseguruetan (GAITZERDI)
Collections
The following license files are associated with this item:
Except where otherwise noted, this item's license is described as Attribution-NonCommercial-ShareAlike 4.0 International
