Publication detail

Simplified Method for Fast and Efficient Incident Detection in Industrial Networks

KUCHAŘ, K. FUJDIAK, R. BLAŽEK, P. MARTINÁSEK, Z. HOLASOVÁ, E.

Original title

Simplified Method for Fast and Efficient Incident Detection in Industrial Networks

Type

Paper in proceedings indexed in WoS or Scopus

Language

English

Original abstract

This article is focused on industrial networks and their security. An industrial network typically works with older devices that do not provide security at the level of today’s requirements. Even protocols often do not support security at a sufficient level. It is necessary to deal with these security issues due to digitization. It is therefore required to provide other techniques that will help with security. For this reason, it is possible to deploy additional elements that will provide additional security and ensure the monitoring of the network, such as the Intrusion Detection System. These systems recognize identified signatures and anomalies. Methods of detecting security incidents by detecting anomalies in network traffic are described. The proposed methods are focused on detecting DoS attacks in the industrial Modbus protocol and operations performed outside the standard interval in the Distributed Network Protocol 3. The functionality of the performed methods is tested in the IDS system Zeek.

Keywords

anomaly detection, DNP3 protocol, ICS, IDS, Modbus protocol, machine learning

Authors

KUCHAŘ, K.; FUJDIAK, R.; BLAŽEK, P.; MARTINÁSEK, Z.; HOLASOVÁ, E.

Published

23. 10. 2020

ISBN

978-0-7381-4292-0

Book

4th Cyber Security in Networking Conference

Pages from

1

Pages to

3

Number of pages

3

BibTeX

@inproceedings{BUT165031,
  author="Karel {Kuchař} and Radek {Fujdiak} and Petr {Blažek} and Zdeněk {Martinásek} and Eva {Holasová}",
  title="Simplified Method for Fast and Efficient Incident Detection in Industrial Networks",
  booktitle="4th Cyber Security in Networking Conference",
  year="2020",
  pages="1--3",
  doi="10.1109/CSNet50428.2020.9265536",
  isbn="978-0-7381-4292-0"
}