access_time 28 de janeiro de 2020 às 14:30 até 28 de janeiro de 2020 às 15:30
place Room 336, INESC-ID (Alves Redol)
ICS (Industrial control system) infrastructures have been subjected to cyber-physical attacks that caused service disruption and damaged physical facilities. Cyber-security MIA (mission impact assessment) systems can help organizations pinpoint the flaws exploited by these attacks and identify the physical assets and services compromised. However they require a high amount of specification to properly conduct MIA assessments. This paper proposes a solution to automatically obtain the ICS network and process model specification necessary to configure MIA systems. The solution leverages network reconnaissance based on protocol dissection and process discovery algorithms to generate specification. The solution also uses an innovative way to identify ICS business process activities in network communications by measuring packet frequency. An experimental evaluation on the proposed solution was conducted using a ICS power grid testbed from iTrust labs, and provided precise ICS network and process specifications.
local_offer Tópicos de Investigação
person Candidato: Filipe Miguel Marcos Apolinário
supervisor_account Orientador: Prof. Miguel Nuno Dias Alves Pupo Correia / Prof. Miguel Filipe Leitão Pardal