Please use this identifier to cite or link to this item:
|Title:||Modbus/DNP3 State-based Filtering System|
|Authors:||NAI FOVINO Igor; CARCANO Andrea; MASERA Marcelo|
|Citation:||Proceedings of the 2010 IEEE International Symposium on Industrial Electronics, ISBN: 978-1-4244-6391-6 p. 231-236|
|Publisher:||Institute of Electrical and Electronics Engineers (IEEE)|
|Type:||Contributions to Conferences|
|Abstract:||The security of SCADA systems is one of the most pressing subjects in industrial systems, especially for those installation actively using the public network in order to provide new features and services. In this paper we present an innovative approach to the design of Filtering Systems based on the state analysis of the system being monitored. The aim is to detect attacks composed of a set of ¿SCADA¿ commands that, while licit when considered in isolation on a single-packet basis, can disrupt the correct behavior of the system when executed in particular operating states. The proposed firewall detects these complex attacks thanks to an internal representation of the controlled SCADA system. Furthermore, we detail the design of the architecture of the IDS for systems using the ModBus and DNP3 protocols, and the implementation of a prototype, providing experimental comparative results that confirm the validity of the proposed approach.|
|JRC Institute:||Institute for the Protection and Security of the Citizen|
Files in This Item:
There are no files associated with this item.
Items in repository are protected by copyright, with all rights reserved, unless otherwise indicated.