Abstract
The Internet and traditional networks continue to converge. With the continuing occurrence of security incidents affecting industrial control systems, such as "Stuxnet" and the Ukraine power grid incident, the security of industrial control systems has attracted increasing attention from the state and enterprises. To cope with continuous attacks, this paper proposes an active defense system for industrial control systems based on dynamic behavior analysis. By analyzing the captured traffic of the intruder and the intruder's attack behavior, the system can take corresponding countermeasures when an attack occurs. The system achieves the expected goal of enabling the industrial control system to actively defend against intrusion behavior.
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Yu, W., Jiang, Y., Lin, Y. (2019). Active Defense System of Industrial Control System Based on Dynamic Behavior Analysis. In: Sun, X., Pan, Z., Bertino, E. (eds) Artificial Intelligence and Security. ICAIS 2019. Lecture Notes in Computer Science, vol 11635. Springer, Cham. https://doi.org/10.1007/978-3-030-24268-8_57
DOI: https://doi.org/10.1007/978-3-030-24268-8_57
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-24267-1
Online ISBN: 978-3-030-24268-8
eBook Packages: Computer Science (R0)