TY - CHAP
T1 - Profiling communications in industrial IP networks
T2 - Model complexity and anomaly detection
AU - Faisal, Mustafa Amir
AU - Cardenas, Alvaro A.
AU - Wool, Avishai
N1 - Publisher Copyright:
© Springer Nature Switzerland AG 2019.
PY - 2019
Y1 - 2019
N2 - Profiling communication patterns between devices in the Industrial Internet of Things (IIoT) ecosystems is important for deploying security measures like detecting anomalies and potential cyber-attacks. In this chapter we perform deep-packet inspection of various industrial protocols to generate models of communications between pairs of IIoT devices; in particular, we use discrete-time Markov chain models applied to four different industrial networks: (1) an electrical substation, (2) a small-scale water testbed, (3) a large-scale water treatment facility, and (4) an energy management system of a university campus. These datasets represent a variety of modern industrial protocols communicating over IP-compatible networks, including EtherNet/IP (Ethernet/Industrial Protocol), DNP3 (Distributed Network Protocol), and Modbus/TCP (Transmission Control Protocol).
AB - Profiling communication patterns between devices in the Industrial Internet of Things (IIoT) ecosystems is important for deploying security measures like detecting anomalies and potential cyber-attacks. In this chapter we perform deep-packet inspection of various industrial protocols to generate models of communications between pairs of IIoT devices; in particular, we use discrete-time Markov chain models applied to four different industrial networks: (1) an electrical substation, (2) a small-scale water testbed, (3) a large-scale water treatment facility, and (4) an energy management system of a university campus. These datasets represent a variety of modern industrial protocols communicating over IP-compatible networks, including EtherNet/IP (Ethernet/Industrial Protocol), DNP3 (Distributed Network Protocol), and Modbus/TCP (Transmission Control Protocol).
KW - Anomaly detection
KW - DTMC
KW - IIoT
KW - Modeling
UR - http://www.scopus.com/inward/record.url?scp=85075810444&partnerID=8YFLogxK
U2 - 10.1007/978-3-030-12330-7_7
DO - 10.1007/978-3-030-12330-7_7
M3 - Chapter
AN - SCOPUS:85075810444
T3 - Advanced Sciences and Technologies for Security Applications
SP - 139
EP - 160
BT - Advanced Sciences and Technologies for Security Applications
PB - Springer
ER -