Visible to the public A security protection approach based on software defined network for inter-area communication in industrial control systems

TitleA security protection approach based on software defined network for inter-area communication in industrial control systems
Publication TypeConference Paper
Year of Publication2017
AuthorsYang, J., Zhou, C., Zhao, Y.
Conference Name12th International Conference on System Safety and Cyber-Security 2017 (SCSS)
ISBN Number978-1-78561-745-4
Keywordsattacks propagation prevention, composability, computer network security, control engineering computing, customized communication protection technology, cyber-attacks detection, deep network behaviors analysis, Entropy, Hazards, hazards propagation prevention, industrial control, industrial control systems, information entropy, Inter-Area Communication, interarea communication protection, Metrics, Networked Control Systems Security, Package Inspection, production engineering computing, pubcrawl, resilience, Resiliency, security inspection method, security interarea communication architecture, security protection, security protection approach, Software Defined Network, Software Defined Network (SDN), software defined networking

Currently, security protection in Industrial Control Systems has become a hot topic, and a great number of defense techniques have sprung up. As one of the most effective approaches, area isolation has the exceptional advantages and is widely used to prevent attacks or hazards propagating. However, most existing methods for inter-area communication protection present some limitations, i.e., excessively depending on the analyzing rules, affecting original communication. Additionally, the network architecture and data flow direction can hardly be adjusted after being deployed. To address these problems, a dynamical and customized communication protection technology is proposed in this paper. In detail, a security inter-area communication architecture based on Software Defined Network is designed firstly, where devices or subsystems can be dynamically added into or removed from the communication link. And then, a security inspection method based on information entropy is presented for deep network behaviors analysis. According to the security analysis results, the communications in the network can be adjusted in time. Finally, simulations are constructed, and the results indicate that the proposed approach is sensitive and effective for cyber-attacks detection.

Citation Keyyang_security_2017