Systems and methods for identifying compromised devices within an industrial control system
A technology for industrial control systems and industrial equipment, which is applied in the field of identifying leaked equipment in industrial control systems, and can solve problems such as inability to meaningfully monitor network traffic, leaks, and systems vulnerable to attacks.
Active Publication Date: 2021-03-09
CA TECH INC
View PDF5 Cites 0 Cited by
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
As a result, traditional security techniques may not be able to meaningfully monitor network traffic within industrial control systems and / or detect suspicious behavior that suggests a particular device may have been compromised
As such, traditional security techniques may be somewhat ineffective at identifying compromised devices within industrial control systems, which may leave such systems vulnerable to attack
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View moreImage
Smart Image Click on the blue labels to locate them in the text.
Smart ImageViewing Examples
Examples
Experimental program
Comparison scheme
Effect test
Embodiment Construction
[0022] The present invention generally relates to systems and methods for identifying compromised devices within industrial control systems. As will be explained in more detail below, by monitoring network traffic within an industrial network, the various systems and methods described herein enable the monitoring of industrial networks communicating via an industrial network even if the communication protocol is undocumented and / or not available to the public. Study and / or reverse engineer the communication protocols used by the control system. When communication protocols are learned and / or reverse engineered in this manner, the various systems and methods described herein can group similar traffic into groups of messages that share certain characteristics (e.g., same communication protocol, same purpose Internet Protocol (IP) address and / or the same destination port number). These systems and methods can then build a message protocol profile that describes the normal commun...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More PUM
Login to View More Abstract
Disclosed is a computer-implemented method for identifying compromised equipment within an industrial control system that may include monitoring (302) network traffic within a network that facilitates industrial controlling communication of a system; creating a message protocol configuration file for said industrial device based at least in part on said network traffic (304), said message protocol configuration file describing a network protocol for communicating with said industrial device and said normal communication mode of the industrial device; detecting (306) at least one message involving the industrial device and at least one other computing device included in the industrial control system; by matching the message with the message protocol configuration file comparing to determine ( 308 ) that the message indicates an anomaly; and then determining ( 310 ) that the other computing device may have been compromised based at least in part on the message indicating the anomaly. Various other methods, systems, and computer-readable media are also disclosed herein.
Description
technical field [0001] The present disclosure relates to systems and methods for identifying compromised devices within an industrial control system. Background technique [0002] Industrial control systems are often used to control the functions of equipment and / or machines that perform manufacturing and / or production operations in an industrial environment. For example, nuclear power plants may implement and / or rely on industrial control systems to regulate the production and / or distribution of electrical power. The industrial control system may include a collection of sensors, actuators, controllers, control valves, motors, robotics, and / or computing devices. In this example, a nuclear power plant may represent a prime target for terrorist attacks due to severe damage in the event of a system failure and / or malfunction. [0003] Unfortunately, due to the high security requirements of some industrial control systems, the network protocols with which these industrial cont...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More Application Information
Patent Timeline
Login to View More Patent Type & Authority Patents(China)
IPC IPC(8): G05B19/418H04L29/06
CPCG05B19/4185H04L63/1425H04L63/1441
Inventor I·B·科拉莱斯A·托恩贡卡尔
Owner CA TECH INC