Intrusion Monitoring in Process Control Systems
by Dr. Steven Cheung & Alfonso Valdes.
From Proceedings of the 42nd Hawaii International Conference on System Sciences.
Big Island, Hawaii. January 5-8, 2009.
IEEE Computer Society Press.
To protect process control networks from cyber intrusions,
preventive security measures such as perimeter
defenses (for example, network firewalls and demilitarized zones)
and secure versions of process control network protocols
have been increasingly adopted or proposed.
Although system hardening and fixing known vulnerabilities
of existing systems are crucial to secure process control
systems, intrusion monitoring is essential to ensure that
the preventive measures are not compromised or bypassed.
Our approach involves a multilayer security architecture
for monitoring process control systems to achieve
accurate and effective situational awareness.
Also, we leverage some of the characteristics of process
control systems such as the regularity of network
traffic patterns to perform intrusion detection,
with the potential to detect unknown attacks.
To help human analysts gain a better understanding
of anomalous network traffic patterns, we present a
visualization tool that supports multiple user-customizable
views and animation for analyzing network packet traces.
BibTeX Entry
author = "Alfonso Valdes and Steven Cheung",
title = "Intrusion Monitoring in Process Control Systems",
booktitle = "Proceedings of the $42^{nd}$ Hawaii International
Conference on System Sciences",
address = "Big Island, Hawaii",
month = jan # "~5--8,",
year = 2009