Reconnaissance of Industrial Control System by deep packet inspection

Title: Reconnaissance of Industrial Control System by deep packet inspection
Publication Type: Conference Paper
Year of Publication: 2016
Authors: Wakchaure, M., Sarwade, S., Siddavatam, I.
Conference Name: 2016 IEEE International Conference on Engineering and Technology (ICETECH)
ISBN Number: 978-1-4673-9916-6
Keywords: communication network, complex system, deep packet inspection, Deep Packet Inspection (DPI), electronic devices, industrial control, industrial control system, Industrial Control System (ICS), Inspection, integrated circuits, network protocol, Network reconnaissance, network traffic, Payloads, Ports (Computers), Protocols, pubcrawl, Reconnaissance, Resiliency, telecommunication traffic, Traffic classification

An Industrial Control System (ICS) consists of a large number of electronic devices connected to field devices to execute the physical processes. The communication network of an ICS supports a wide range of packet-based applications. A growing issue with network security and its impact on ICS have highlighted some fundamental risks to critical infrastructure. To address network security issues for ICS, a clear understanding of security-specific defensive countermeasures is required. Reconnaissance of an ICS network by deep packet inspection (DPI) consists of analysis of the contents of the captured packets in order to get accurate measures of process that uses specific countermeasure to create an aggregated posture. In this paper we focus on a novel approach by presenting a technique with captured network traffic. This technique is capable of identifying the protocols and extracting different features for classification of traffic based on network protocol, header information and payload to understand the whole architecture of the complex system. Here we have segregated possible types of attacks on ICS.

Citation Key: wakchaure_reconnaissance_2016