Detection of replay attack traffic in ICS network
- Authors
- Hong, K.-S.; Kim, H.-B.; Kim, D.-H.; Seo, J.-T.
- Issue Date
- Aug-2019
- Publisher
- Springer Verlag
- Keywords
- Anomaly detection; Industrial Control System (ICS); Machine learning; Network security; Replay attack
- Citation
- Studies in Computational Intelligence, v.788, pp.124 - 136
- Journal Title
- Studies in Computational Intelligence
- Volume
- 788
- Start Page
- 124
- End Page
- 136
- URI
- https://scholarworks.bwise.kr/gachon/handle/2020.sw.gachon/80204
- DOI
- 10.1007/978-3-319-98370-7_10
- ISSN
- 1860-949X
- Abstract
- Malicious code and attacks against ICS are becoming more advanced and intelligent. The security risk for ICS is increasing, and it is becoming more important to secure the cyber safety of ICS against these threats. Recent ICS use not only serial communication protocols but also Ethernet-based control communication protocols. Malicious code attacking ICS attempts to imitate the corresponding control protocol to insert malware into the communication payload, or imitates normal control packets for malicious control or disabling of control devices. Also, multiple presentations exist on the possible scenarios of various cyber attack targeting. However, current IDS/IPS for ICS detect attacks based on a blacklist, and thus cannot detect attacks that use new techniques. To solve these problems, there have been recent studies on white-list-based attack detection technology for practical application to ICS. However, current studies on white-list-based detection use a white list based on IP address, service port number information, etc., and thus cannot detect attacks that exhibit a replay pattern or in which only a data value is changed inside a normal command. This study suggests a technology that can detect attacks exhibiting a replay pattern against ICS, using white-list-based detection and machine learning to learn control traffic and apply the results to actual detection. © 2019, Springer Nature Switzerland AG.
- Files in This Item
- There are no files associated with this item.
- Appears in Collections
- College of IT Convergence > Department of Computer Engineering > 1. Journal Articles