Monitoring Controller’s "DNA Sequence" For System Security - ETCON 2001

About

This paper presents research results on the detection of network security attacks in computer and control systems through the identification and monitoring of a synthetic "DNA sequence". Just as DNA characterizes the make up of the human body, and abnormal functioning of tissues can be traced to an altered DNA sequence, a "DNA sequence" of a computer system has similar functions. Changes in behavioral patterns of a computer system, such as virus attacks, are reflected in changes in the DNA
sequence and appropriate actions can be taken. The security problem thus becomes one of defining what a DNA sequence should look like and how to monitor its evolution.

The research aims at defining a DNA sequence for specific activities (e.g. TCP/IP traffic) and monitoring of its evolution. The paper describes schemes for handling changes in the DNA sequence which may result from legitimate operations or malicious attacks. We will also report on how the technology can be applied to a process control environment where industrial controllers are now
equipped with HTTP servers for data access. Such an environment is vulnerable for internal and external attacks, but also provides a practical and usable test bed for the ideas in this research.

- Downloadable files require Adobe Acrobat Reader.

Customers who bought this product also bought: Binary Logic Diagrams For Process Operations (Downloadable) Graphic Symbols for Distributed Control/Shared Display Instrumentation, Logic, and Computer Systems (Downloadable) Safety Instrumented Functions (SIF) - Safety Integrity Level (SIL) Evaluation Techniques Part 1: Introduction (Downloadable) ISA Certified Automation Professional Job Analysis Study