Periodic Mining of Traffic Information in Industrial Control Networks

  • Conference paper
  • Published in: Advanced Information Networking and Applications (AINA 2020)

Part of the book series: Advances in Intelligent Systems and Computing (AISC, volume 1151)

Abstract

With the increasing demand for security in industrial control systems, many researchers are studying anomaly detection for these systems. Most of them use machine learning methods to analyze and predict the traffic, but this is not enough to study the periodic characteristics of the industrial control system. This paper extracts Modbus, a protocol unique to industrial control systems, and analyzes the characteristics of its protocol fields. The periodic characteristics of industrial control data are mined from the perspective of symbol sequences. We simulate traffic and test the proposed method; the results show that it can effectively detect the periodicity of different sequences in the industrial control system and provide an auxiliary method for anomaly detection.

Correspondence to Jiahui Ni.

Copyright information

© 2020 Springer Nature Switzerland AG

Cite this paper

Ni, J., Yin, W., Jiang, Y., Zhao, J., Hu, Y. (2020). Periodic Mining of Traffic Information in Industrial Control Networks. In: Barolli, L., Amato, F., Moscato, F., Enokido, T., Takizawa, M. (eds) Advanced Information Networking and Applications. AINA 2020. Advances in Intelligent Systems and Computing, vol 1151. Springer, Cham. https://doi.org/10.1007/978-3-030-44041-1_16
