Detail publikace

Identifying Industry Devices via Time Delay in Dataflow

POSPÍŠIL, O. FUJDIAK, R.

Originální název

Identifying Industry Devices via Time Delay in Dataflow

Typ

článek ve sborníku ve WoS nebo Scopus

Jazyk

angličtina

Originální abstrakt

In networks with critical industrial processes where operational integrity is paramount, device identification is crucial for security and effective management. Without such identification, the potential for mismanagement and security breaches increases. Active scanning for network device identification poses risks, especially in industrial settings. Such scanning can disrupt operations or even cause damage. Therefore, finding non-invasive identification methods that bypass active scanning is imperative. Passive scanning, owing to its non-intrusive approach, is favored for industrial devices. Modern statistical learning techniques combined with passive scanning can mitigate risks of active methods. Our research harnesses time delay data in network communications to accurately identify specific industrial PLC models. We derive our data from timestamp details of the OPC UA protocol, widely recognized as a standard in industrial communication. Statistical variables from time delay data enhance the accuracy of passive device identification in industrial settings.

Klíčová slova

Ics, plc, xgboost, device identification, siemens, opc ua, machine learning.

Autoři

POSPÍŠIL, O.; FUJDIAK, R.

Vydáno

3. 12. 2023

ISBN

979-8-4007-0796-4

Kniha

ICCNS 2023 Proceedings

Strany od

1

Strany do

5

Strany počet

5

BibTex

@inproceedings{BUT187049,
  author="Ondřej {Pospíšil} and Radek {Fujdiak}",
  title="Identifying Industry Devices via Time Delay in Dataflow",
  booktitle="ICCNS 2023 Proceedings",
  year="2023",
  pages="1--5",
  doi="10.1145/3638782.3638808",
  isbn="979-8-4007-0796-4"
}