Cyber Security Approaches for Industrial Control Networks  

Dillabaugh, Craig (Solana Networks)
Nandy, Biswajit (Solana Networks)
Seddigh, Nabil (Solana Networks)
Wong, Kevin (Solana Networks)
Lee, Byoung-Joon (BJ) (Creatrix Design Group)
Abstract
Critical infrastructure (CI) such as the electrical grid, transportation systems and water resource systems is controlled by Industrial Control and SCADA (Supervisory Control and Data Acquisition) networks. During the last few years, cyber attackers have increasingly targeted such CI systems. This is of great concern because successful attacks have wide-ranging impact and can cause widespread destruction and loss of life. As a result, there is a critical requirement to develop enhanced algorithms and tools to detect cyber threats for SCADA networks. Such tools differ in key ways from the tools used to detect cyber threats in regular IT networks. This paper discusses key factors which differentiate network security for SCADA networks from that for regular IT networks. The paper also presents various approaches used for SCADA security and some of the advancements in the area.