Profiling communication patterns between devices in the Industrial Internet of Things (IIoT) ecosystems is important for deploying security measures like detecting anomalies and potential cyber-attacks. In this chapter we perform deep-packet inspection of various industrial protocols to generate models of communications between pairs of IIoT devices; in particular, we use discrete-time Markov chain models applied to four different industrial networks: (1) an electrical substation, (2) a small-scale water testbed, (3) a large-scale water treatment facility, and (4) an energy management system of a university campus. These datasets represent a variety of modern industrial protocols communicating over IP-compatible networks, including EtherNet/IP (Ethernet/Industrial Protocol), DNP3 (Distributed Network Protocol), and Modbus/TCP (Transmission Control Protocol).
CITATION STYLE
Faisal, M. A., Cardenas, A. A., & Wool, A. (2019). Profiling communications in industrial ip networks: Model complexity and anomaly detection. In Advanced Sciences and Technologies for Security Applications (pp. 139–160). Springer. https://doi.org/10.1007/978-3-030-12330-7_7
Mendeley helps you to discover research relevant for your work.