Deep packet inspection for intelligent intrusion detection in software-defined industrial networks: A proof of concept
Logic Journal of the IGPL (IF 0.6), Pub Date: 2019-12-31, DOI: 10.1093/jigpal/jzz060
Markel Sainz 1 , Iñaki Garitano 1 , Mikel Iturbe 1 , Urko Zurutuza 1

Attacks specifically tailored to industrial control systems (ICSs) are becoming increasingly sophisticated, accentuating the need for ICS cyber security. The nature of these systems makes traditional IT security measures unsuitable, requiring expressly developed security countermeasures. Over the past decades, research has focused on network-based intrusion detection systems. With the appearance of software-defined networks (SDNs), new opportunities and challenges have arisen in the research community. This paper describes the potential benefits of using SDNs in industrial networks for security purposes and presents the setup and results of a pilot experiment carried out in a scaled physical implementation. The experimental setup consists of the detection of ICMP flood and packet payload alteration based on signature comparison. Results point to the potential viability of the technology for intrusion detection and the need for research into architectural scalability.

Updated: 2019-12-31