Simplified Method for Fast and Efficient Incident Detection in Industrial Networks
Result identifiers
Result code in IS VaVaI
RIV/00216305:26220/20:PU137136 - isvavai.cz (https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216305%3A26220%2F20%3APU137136)
Result on the web
http://dx.doi.org/10.1109/CSNet50428.2020.9265536
DOI - Digital Object Identifier
10.1109/CSNet50428.2020.9265536
Alternative languages
Result language
English
Title in the original language
Simplified Method for Fast and Efficient Incident Detection in Industrial Networks
Result description in the original language
This article is focused on industrial networks and their security. An industrial network typically works with older devices that do not provide security at the level of today’s requirements. Even protocols often do not support security at a sufficient level. It is necessary to deal with these security issues due to digitization. It is therefore required to provide other techniques that will help with security. For this reason, it is possible to deploy additional elements that will provide additional security and ensure the monitoring of the network, such as the Intrusion Detection System. These systems recognize identified signatures and anomalies. Methods of detecting security incidents by detecting anomalies in network traffic are described. The proposed methods are focused on detecting DoS attacks in the industrial Modbus protocol and operations performed outside the standard interval in the Distributed Network Protocol 3. The functionality of the performed methods is tested in the IDS system Zeek.
Classification
Type
D - Article in proceedings
CEP field
—
OECD FORD field
20203 - Telecommunications
Result linkages
Project
VI20192022132: Kybernetická aréna pro výzkum, testování a edukaci v oblasti kyberbezpečnosti (Cyber arena for research, testing and education in cybersecurity)
Linkages
P - Research and development project financed from public funds (with a link to CEP)
Other
Year of implementation
2020
Data confidentiality code
S - Complete and true data on the project are not subject to protection under special legal regulations
Data specific to the result type
Article title in the proceedings
4th Cyber Security in Networking Conference
ISBN
978-0-7381-4292-0
ISSN
—
e-ISSN
—
Number of pages
3
Pages from-to
1-3
Publisher name
Not stated
Place of publication
Not stated
Event location
Lausanne
Event date
21. 10. 2020
Event type by nationality
WRD - Worldwide event
UT WoS code of the article
—