http://dx.doi.org/10.5762/KAIS.2018.19.4.47

Implementation of abnormal behavior detection system based packet analysis for industrial control system security  

Kim, Hyun-Seok (Department of Information and Communication Engineering, Soonchunhyang University)
Park, Dong-Gue (Department of Information and Communication Engineering, Soonchunhyang University)
Publication Information
Journal of the Korea Academia-Industrial cooperation Society / v.19, no.4, 2018, pp. 47-56
Abstract
National-scale industrial control systems for gas, electric power, water processing, nuclear power, and traffic control increasingly use open networks and open standard protocols based on advanced information and communications technologies. The frequency of cyberattacks is increasing steadily because of the use of open networks and open standard protocols, but follow-up actions are limited. Therefore, the application of security solutions to an industrial control system is very important. However, it is not possible to apply security solutions to a real system because of the characteristics of industrial control systems, so a security system that can detect attacks without affecting the existing system is imperative. In this paper, we propose an intrusion detection system based on packet analysis that can detect anomalous behaviors without affecting the industrial control system, and we verify the effectiveness of the proposed intrusion detection system by applying it in a test bed simulating a real environment.
Keywords
abnormal behavior detect; cyber attack experiment; industrial control system; intrusion detection system; ICS security
Citations & Related Records
Times Cited By KSCI: 2