Systems and methods for identifiying compromised devices within industrial control systems

A technology for industrial control systems and industrial equipment, applied in general control systems, control/regulation systems, comprehensive factory control, etc., to solve problems such as inability to meaningfully monitor network traffic, leaks, and systems vulnerable to attacks

Active Publication Date: 2018-07-17
CA TECH INC
View PDF5 Cites 3 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

As a result, traditional security techniques may not be able to meaningfully monitor network traffic within industrial control systems and/or detect suspicious behavior that suggests a particular device may h

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Systems and methods for identifiying compromised devices within industrial control systems
  • Systems and methods for identifiying compromised devices within industrial control systems
  • Systems and methods for identifiying compromised devices within industrial control systems

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0021] The present invention generally relates to systems and methods for identifying compromised devices within industrial control systems. As will be explained in more detail below, by monitoring network traffic within an industrial network, the various systems and methods described herein enable the monitoring of industrial networks communicating via an industrial network even if the communication protocol is undocumented and / or not available to the public. Study and / or reverse engineer the communication protocols used by the control system. When communication protocols are learned and / or reverse engineered in this manner, the various systems and methods described herein can group similar traffic into groups of messages that share certain characteristics (e.g., same communication protocol, same purpose Internet Protocol (IP) address and / or the same destination port number). These systems and methods can then build a message protocol profile that describes the normal commun...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The disclosed computer-implemented method for identifying compromised devices within industrial control systems may include monitoring (302) network traffic within a network that facilitates communication for an industrial control system that includes an industrial device, creating (304), based at least in part on the network traffic, a message protocol profile for the industrial device that describes a network protocol used to communicate with the industrial device and normal communication patterns of the industrial device, detecting (306) at least one message that involves the industrial device and at least one other computing device included in the industrial control system, determining (308), by comparing the message with the message protocol profile, that the message represents an anomaly, and then determining (310), based at least in part on the message representing the anomaly, that the other computing device has likely been compromised. Various other methods, systems, and computer-readable media are also disclosed.

Description

Background technique [0001] Industrial control systems are often used to control the functions of equipment and / or machines that perform manufacturing and / or production operations in an industrial environment. For example, nuclear power plants may implement and / or rely on industrial control systems to regulate the production and / or distribution of electrical power. The industrial control system may include a collection of sensors, actuators, controllers, control valves, motors, robotics, and / or computing devices. In this example, a nuclear power plant may represent a prime target for terrorist attacks due to severe damage in the event of a system failure and / or malfunction. [0002] Unfortunately, due to the high security requirements of some industrial control systems, the network protocols with which these industrial control systems communicate are poorly documented and / or available to the public. As a result, traditional security techniques may not be able to meaningfully...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G05B19/418H04L29/06
CPCG05B19/4185H04L63/1425H04L63/1441
Inventor I·B·科拉莱斯A·托恩贡卡尔
Owner CA TECH INC
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap