Whitelisting for Critical IT-Based Infrastructure

Bibliographic details
Published in: IEICE Transactions on Communications 2013/04/01, Vol.E96.B(4), pp.1070-1074
Main authors: JANG, YoungHwa, SHIN, InCheol, MIN, Byung-gil, SEO, Jungtaek, YOON, MyungKeun
Format: Article
Language: eng
Description
Summary: Critical infrastructures are falsely believed to be safe when they are isolated from the Internet. However, the recent appearance of Stuxnet demonstrated that isolated networks are no longer safe. We observe that a better intrusion detection scheme can be established based on the unique features of critical infrastructures. In this paper, we propose a whitelist-based detection system. Network and application-level whitelists are proposed, which are combined to form a novel cross-layer whitelist. Through experiments, we confirm that the proposed whitelists can exactly detect attack packets, which cannot be achieved by existing schemes.
ISSN: 0916-8516, 1745-1345
DOI: 10.1587/transcom.E96.B.1070