Detection of replay attack traffic in ICS network
DC Field | Value | Language |
---|---|---|
dc.contributor.author | Hong, K.-S. | - |
dc.contributor.author | Kim, H.-B. | - |
dc.contributor.author | Kim, D.-H. | - |
dc.contributor.author | Seo, J.-T. | - |
dc.date.available | 2021-03-02T07:40:43Z | - |
dc.date.created | 2021-03-02 | - |
dc.date.issued | 2019-08 | - |
dc.identifier.issn | 1860-949X | - |
dc.identifier.uri | https://scholarworks.bwise.kr/gachon/handle/2020.sw.gachon/80204 | - |
dc.description.abstract | The malicious codes and attacks against ICS today are becoming more advanced and intelligent. The security risk for ICS is increasing, and it’s becoming more important to secure the cyber safety of ICS from these security threats. Recent ICS not only uses serial communication protocol, but also an Ethernet-based control communication protocol. Malicious codes attacking ICS attempts to imitate the corresponding control protocol to insert malware into the payload for communication, or imitates normal control packets for malicious control or disabling of control devices. Also, multiple presentations exist on the possible scenarios of various cyber attack targeting. However, current IDS/IPS for ICS functions with technology to detect attacks based on a blacklist, and thus cannot detect attacks exhibiting new techniques. In order to solve these problems, there have been recent studies on white list based attack detection technology for practical application on ICS. However, current studies on white list based detection technology utilizes a white list based on IP address, service port number information, etc., and thus cannot be utilized to detect attacks exhibiting a replay pattern or in which only data value is changed inside a normal command. This study suggests a technology that can detect attacks exhibiting a replay pattern against ICS, using white list based detection and machine learning to educate control traffic and apply the results to actual detection. © 2019, Springer Nature Switzerland AG. | - |
dc.language | 영어 | - |
dc.language.iso | en | - |
dc.publisher | Springer Verlag | - |
dc.relation.isPartOf | Studies in Computational Intelligence | - |
dc.title | Detection of replay attack traffic in ICS network | - |
dc.type | Article | - |
dc.type.rims | ART | - |
dc.description.journalClass | 1 | - |
dc.identifier.doi | 10.1007/978-3-319-98370-7_10 | - |
dc.identifier.bibliographicCitation | Studies in Computational Intelligence, v.788, pp.124 - 136 | - |
dc.description.isOpenAccess | N | - |
dc.identifier.scopusid | 2-s2.0-85052713279 | - |
dc.citation.endPage | 136 | - |
dc.citation.startPage | 124 | - |
dc.citation.title | Studies in Computational Intelligence | - |
dc.citation.volume | 788 | - |
dc.contributor.affiliatedAuthor | Seo, J.-T. | - |
dc.type.docType | Book Chapter | - |
dc.subject.keywordAuthor | Anomaly detection | - |
dc.subject.keywordAuthor | Industrial Control System (ICS) | - |
dc.subject.keywordAuthor | Machine learning | - |
dc.subject.keywordAuthor | Network security | - |
dc.subject.keywordAuthor | Replay attack | - |
dc.description.journalRegisteredClass | scopus | - |
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.
1342, Seongnam-daero, Sujeong-gu, Seongnam-si, Gyeonggi-do, Republic of Korea(13120)031-750-5114
COPYRIGHT 2020 Gachon University All Rights Reserved.
Certain data included herein are derived from the © Web of Science of Clarivate Analytics. All rights reserved.
You may not copy or re-distribute this material in whole or in part without the prior written consent of Clarivate Analytics.