Simplified Method for Fast and Efficient Incident Detection in Industrial Networks

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216305%3A26220%2F20%3APU137136" target="_blank" >RIV/00216305:26220/20:PU137136 - isvavai.cz</a>

Výsledek na webu

<a href="http://dx.doi.org/10.1109/CSNet50428.2020.9265536" target="_blank" >http://dx.doi.org/10.1109/CSNet50428.2020.9265536</a>

DOI - Digital Object Identifier

<a href="http://dx.doi.org/10.1109/CSNet50428.2020.9265536" target="_blank" >10.1109/CSNet50428.2020.9265536</a>

Jazyk výsledku

angličtina

Název v původním jazyce

Simplified Method for Fast and Efficient Incident Detection in Industrial Networks

Popis výsledku v původním jazyce

This article is focused on industrial networks and their security. An industrial network typically works with older devices that do not provide security at the level of today’s requirements. Even protocols often do not support security at a sufficient level. It is necessary to deal with these security issues due to digitization. It is therefore required to provide other techniques that will help with security. For this reason, it is possible to deploy additional elements that will provide additional security and ensure the monitoring of the network, such as the Intrusion Detection System. These systems recognize identified signatures and anomalies. Methods of detecting security incidents by detecting anomalies in network traffic are described. The proposed methods are focused on detecting DoS attacks in the industrial Modbus protocol and operations performed outside the standard interval in the Distributed Network Protocol 3. The functionality of the performed methods is tested in the IDS system Zeek.

Název v anglickém jazyce

Simplified Method for Fast and Efficient Incident Detection in Industrial Networks

Popis výsledku anglicky

This article is focused on industrial networks and their security. An industrial network typically works with older devices that do not provide security at the level of today’s requirements. Even protocols often do not support security at a sufficient level. It is necessary to deal with these security issues due to digitization. It is therefore required to provide other techniques that will help with security. For this reason, it is possible to deploy additional elements that will provide additional security and ensure the monitoring of the network, such as the Intrusion Detection System. These systems recognize identified signatures and anomalies. Methods of detecting security incidents by detecting anomalies in network traffic are described. The proposed methods are focused on detecting DoS attacks in the industrial Modbus protocol and operations performed outside the standard interval in the Distributed Network Protocol 3. The functionality of the performed methods is tested in the IDS system Zeek.

Druh

D - Stať ve sborníku

CEP obor

—

OECD FORD obor

20203 - Telecommunications

Projekt

<a href="/cs/project/VI20192022132" target="_blank" >VI20192022132: Kybernetická aréna pro výzkum, testování a edukaci v oblasti kyberbezpečnosti</a><br>

Návaznosti

P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)

Rok uplatnění

2020

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název statě ve sborníku

4th Cyber Security in Networking Conference

ISBN

978-0-7381-4292-0

ISSN

—

e-ISSN

—

Počet stran výsledku

3

Strana od-do

1-3

Název nakladatele

Neuveden

Místo vydání

Neuveden

Místo konání akce

Lausanne

Datum konání akce

21. 10. 2020

Typ akce podle státní příslušnosti

WRD - Celosvětová akce

Kód UT WoS článku

—