Security Modules for Securing Industrial Networks

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216305%3A26220%2F22%3APU142636" target="_blank" >RIV/00216305:26220/22:PU142636 - isvavai.cz</a>

Výsledek na webu

<a href="https://ieeexplore.ieee.org/document/9742069" target="_blank" >https://ieeexplore.ieee.org/document/9742069</a>

DOI - Digital Object Identifier

<a href="http://dx.doi.org/10.1109/CECIT53797.2021.00199" target="_blank" >10.1109/CECIT53797.2021.00199</a>

Jazyk výsledku

angličtina

Název v původním jazyce

Security Modules for Securing Industrial Networks

Popis výsledku v původním jazyce

This article focuses on the incident detection techniques of communication in the Modbus/TCP protocol. Modbus/TCP does not implement authentication or communication encryption. Therefore, a Modbus Security Module was created allowing sniffing a specific network traffic and parsing particular information from the packets. This information is stored in a database using PostgreSQL on each master and slave station. Such a technique brings a new way to perform incident detection and to evaluate the transmitted packet's authenticity and integrity. Data taken from the database are used for an incident detection via a trained neural network. Using the presented approach, it is possible to detect all attacks targeting the slave station (originating from a non-master station). Using a neural network, it is possible to detect simulated attacks (originating from a master station) with an accuracy of 99.52 %. There is an additional authentication of individual stations using the created SSH connection between databases. For the proposal evaluation, IEEE dataset was used, where a significant increase of the neural network's accuracy was achieved using the proposed method.

Název v anglickém jazyce

Security Modules for Securing Industrial Networks

Popis výsledku anglicky

This article focuses on the incident detection techniques of communication in the Modbus/TCP protocol. Modbus/TCP does not implement authentication or communication encryption. Therefore, a Modbus Security Module was created allowing sniffing a specific network traffic and parsing particular information from the packets. This information is stored in a database using PostgreSQL on each master and slave station. Such a technique brings a new way to perform incident detection and to evaluate the transmitted packet's authenticity and integrity. Data taken from the database are used for an incident detection via a trained neural network. Using the presented approach, it is possible to detect all attacks targeting the slave station (originating from a non-master station). Using a neural network, it is possible to detect simulated attacks (originating from a master station) with an accuracy of 99.52 %. There is an additional authentication of individual stations using the created SSH connection between databases. For the proposal evaluation, IEEE dataset was used, where a significant increase of the neural network's accuracy was achieved using the proposed method.

Druh

D - Stať ve sborníku

CEP obor

—

OECD FORD obor

20203 - Telecommunications

Projekt

<a href="/cs/project/FV40366" target="_blank" >FV40366: Datový monitoring pro zvýšení spolehlivosti procesů chytrých továren</a><br>

Návaznosti

P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)<br>S - Specificky vyzkum na vysokych skolach

Rok uplatnění

2022

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název statě ve sborníku

2021 2nd International Conference on Electronics, Communications and Information Technology (CECIT 2021)

ISBN

978-1-6654-3757-8

ISSN

—

e-ISSN

—

Počet stran výsledku

8

Strana od-do

1125-1132

Název nakladatele

Institute of Electrical and Electronics Engineers Inc.

Místo vydání

neuveden

Místo konání akce

Sanya

Datum konání akce

27. 12. 2021

Typ akce podle státní příslušnosti

WRD - Celosvětová akce

Kód UT WoS článku

—