Título
Deep packet inspection for intelligent intrusion detection in software-defined industrial networks: A proof of conceptVersión
Postprint
Derechos
© 2019 The Authors. Published by Oxford University Press. All rights reserved.Acceso
Acceso abiertoVersión del editor
https://doi.org/10.1093/jigpal/jzz060Publicado en
Logic Journal of the IGPL Vol. 28. N. 4. Pp. 461-472, 2020Primera página
461Última página
472Editor
Oxford AcademicPalabras clave
Software defined networkingIndustrial control systems
security
anomaly detection
Resumen
Specifically tailored industrial control systems (ICSs) attacks are becoming increasingly sophisticated, accentuating the need of ICS cyber security. The nature of these systems makes traditional IT s ... [+]
Specifically tailored industrial control systems (ICSs) attacks are becoming increasingly sophisticated, accentuating the need of ICS cyber security. The nature of these systems makes traditional IT security measures not suitable, requiring expressly developed security countermeasures. Within the past decades, research has been focused in network-based intrusion detection systems. With the appearance of software-defined networks (SDNs), new opportunities and challenges have shown up in the research community. This paper describes the potential benefits of using SDNs in industrial networks with security purposes and presents the set up and results of a pilot experiment carried out in a scaled physical implementation. The experimental set up consists in the detection of ICMP flood and packet payload alteration based on signature comparison. Results point to the potential viability of the technology for intrusion detection and the need of researching in architectural scalability. [-]
Sponsorship
Gobierno de EspañaID Proyecto
info:eu-repo/grantAgreement/GE/Ayudas para la Excelencia de los Equipos de Investigación avanzada en ciberseguridad/INCIBEC-2015-02495/ES//Colecciones
- Artículos - Ingeniería [684]