
2019 | OriginalPaper | Chapter

Profiling Communications in Industrial IP Networks: Model Complexity and Anomaly Detection

Authors: Mustafa Amir Faisal, Alvaro A. Cardenas, Avishai Wool

Published in: Security and Privacy Trends in the Industrial Internet of Things

Publisher: Springer International Publishing


Abstract

Profiling communication patterns between devices in Industrial Internet of Things (IIoT) ecosystems is important for deploying security measures like detecting anomalies and potential cyber-attacks. In this chapter we perform deep-packet inspection of various industrial protocols to generate models of communications between pairs of IIoT devices; in particular, we use discrete-time Markov chain models applied to four different industrial networks: (1) an electrical substation, (2) a small-scale water testbed, (3) a large-scale water treatment facility, and (4) an energy management system of a university campus. These datasets represent a variety of modern industrial protocols communicating over IP-compatible networks, including EtherNet/IP (Ethernet/Industrial Protocol), DNP3 (Distributed Network Protocol), and Modbus/TCP (Transmission Control Protocol).


Metadata

Title: Profiling Communications in Industrial IP Networks: Model Complexity and Anomaly Detection
Authors: Mustafa Amir Faisal, Alvaro A. Cardenas, Avishai Wool
Copyright Year: 2019
DOI: https://doi.org/10.1007/978-3-030-12330-7_7
