Automating security tests for industrial automation devices using neural networks

Bibliographic details
Main authors: Medeiros, J.P.S., da Cunha, A.C., Brito, A.M., Pires, P.S.M.
Format: Conference paper
Language: eng
Description
Summary: TCP/IP OS fingerprinting is the task of identifying a machine's operating system according to its protocol stack implementation. Fingerprinting tools are able to provide information that can be useful to protect SCADA systems. They can be used for network device inventory, to detect unauthorized or dangerous devices, and to select security tests. In this work we propose a new method for identifying and classifying network devices using the nmap tool's fingerprinting capabilities and a neural network. With a new metric based on Euclidean distance for comparing OS fingerprints and a self-organizing neural net, we build a contextual map that groups similarities between systems. This map will be used to identify devices based on their operating system and select security tests according to the device class they belong to.
ISSN: 1946-0740, 1946-0759
DOI: 10.1109/EFTA.2007.4416854