Stock Status: In Stock
This paper presents research results on the detection of network security attacks in computer and control systems through the identification and monitoring of a synthetic "DNA sequence". Just as DNA characterizes the make up of the human body, and abnormal functioning of tissues can be traced to an altered DNA sequence, a "DNA sequence" of a computer system has similar functions. Changes in behavioral patterns of a computer system, such as virus attacks, are reflected in changes in the DNAsequence and appropriate actions can be taken. The security problem thus becomes one of defining what a DNA sequence should look like and how to monitor its evolution.The research aims at defining a DNA sequence for specific activities (e.g. TCP/IP traffic) and monitoring of its evolution. The paper describes schemes for handling changes in the DNA sequence which may result from legitimate operations or malicious attacks. We will also report on how the technology can be applied to a process control environment where industrial controllers are nowequipped with HTTP servers for data access. Such an environment is vulnerable for internal and external attacks, but also provides a practical and usable test bed for the ideas in this research.
- Downloadable files require Adobe Acrobat Reader.
All contents copyright of ISA © 1995-2014 All rights reserved.