Classification of ICS abnormal behavior in terms of security

Cyber threats to Industrial Control Systems (ICS) have been studied at the level of threats to network services as well as to specific systems, even where the extent of the damage was not intended. Although some notions of "security" cover only the protection of systems against the deliberate attacks of terrorists or cyber hackers, more damage is often done by carelessness and equipment failures than by those deliberate attacks. This paper presents a taxonomy for classifying all abnormal behaviors of ICS, including deliberate attacks, inadvertent mistakes, equipment failures, and software problems. The classification criteria for ICS abnormal behaviors were selected to highlight the commonalities and important features of deliberate attacks as well as inadvertent actions.
