论文信息 - A method to construct network traffic models for process control systems

A method to construct network traffic models for process control systems

Nowadays, it is a well-known fact that modern Critical Infrastructures (CIs) depend on Information and Communication Technologies (ICT). Supervisory Control and Data Acquisition (SCADA) systems with off-the-shelf ICT hardware and software found their way in Process Control Systems (PCSs) due to their simplicity and cost-efficiency. However, recent incidents such as Stuxnet, Duqu or Night Dragon revealed new ICT vulnerabilities and attack scenarios in PCSs. Nevertheless, as shown by recent events, security studies on real SCADA systems are challenging due to the lack of proper experimentation environments. Through this work we develop a method to generate realistic network traffic in laboratory conditions without the need of a real PCS installation. This is indeed our main contribution as the basis of future anomaly detection systems. Such method could support experimentation through the recreation of realistic traffic in simulated environments. The accuracy and fidelity of the proposed approach was validated with several statistical methods that compare the predicted traffic with traffic taken from a real in stallation.

[1] B. Chandrasekaran. Survey of Network Traffic Models , 2006 .

[2] Jiankun Hu,et al. Network Traffic Analysis and SCADA Security , 2010, Handbook of Information and Communication Security.

[3] Ulf Lindqvist,et al. Using Model-based Intrusion Detection for SCADA Networks , 2006 .

[4] Alfonso Valdes,et al. Communication pattern anomaly detection in process control systems , 2009, 2009 IEEE Conference on Technologies for Homeland Security.

[5] Andres Perez-Garcia,et al. On the Use of Emulab Testbeds for Scientifically Rigorous Experiments , 2013, IEEE Communications Surveys & Tutorials.

[6] Christof Störmann,et al. Cyber-Critical Infrastructure Protection Using Real-Time Payload-Based Anomaly Detection , 2009, CRITIS.

[7] Béla Genge,et al. A cyber-physical experimentation environment for the security analysis of networked industrial control systems , 2012, Comput. Electr. Eng..

[8] Ulf Lindqvist,et al. An intrusion detection system for wireless process control systems , 2008, 2008 5th IEEE International Conference on Mobile Ad Hoc and Sensor Systems.

[9] Ronald K. Klimberg,et al. Fundamentals of Forecasting Using Excel , 2009 .

[10] Mike Hibler,et al. An integrated experimental environment for distributed systems and networks , 2002, OPSR.