Conference papers

Generating Abnormal Industrial Control Network Traffic for Intrusion Detection System Testing

Abstract : Industrial control systems are widely used across the critical infrastructure sectors. Anomaly-based intrusion detection is an attractive approach for identifying potential attacks that leverage industrial control systems to target critical infrastructure assets. In order to analyze the performance of an anomaly-based intrusion detection system, extensive testing should be performed by considering variations of specific cyber threat scenarios, including victims, attack timing, traffic volume and transmitted contents. However, due to security concerns and the potential impact on operations, it is very difficult, if not impossible, to collect abnormal network traffic from real-world industrial control systems. This chapter addresses the problem by proposing a method for automatically generating a variety of anomalous test traffic based on cyber threat scenarios related to industrial control systems.
Document type : Conference papers

Cited literature [23 references]

https://hal.archives-ouvertes.fr/hal-02076309
Contributor : Hal Ifip
Submitted on : Friday, March 22, 2019 - 9:29:54 AM
Last modification on : Friday, March 22, 2019 - 9:53:54 AM
Long-term archiving on : Sunday, June 23, 2019 - 12:58:35 PM

File

476849_1_En_14_Chapter.pdf
Files produced by the author(s)

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Citation

Joo-Yeop Song, Woomyo Lee, Jeong-Han Yun, Hyunjae Park, Sin-Kyu Kim, et al. Generating Abnormal Industrial Control Network Traffic for Intrusion Detection System Testing. 12th International Conference on Critical Infrastructure Protection (ICCIP), Mar 2018, Arlington, VA, United States. pp.265-281, ⟨10.1007/978-3-030-04537-1_14⟩. ⟨hal-02076309⟩

Metrics

Record views

73