Abstract
Industrial control systems are cyber-physical systems that supervise and control physical processes in critical infrastructures such as electric grids, water and wastewater treatment plants, oil and natural gas pipelines, transportation systems and chemical plants and refineries. Leveraging the stable and persistent control flow communications patterns in industrial control systems, this chapter proposes an innovative control system fingerprinting methodology that analyzes industrial control protocols to capture normal behavior characteristics. The methodology can be used to identify specific physical processes and control system components in industrial facilities and detect abnormal behavior. An experimental testbed that incorporates real systems for the cyber domain and simulated systems for the physical domain is used to validate the methodology. The experimental results demonstrate that the fingerprinting methodology holds promise for detecting anomalies in industrial control systems and cyber-physical systems used in the critical infrastructure.
Chapter PDF
Similar content being viewed by others
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 IFIP International Federation for Information Processing
About this paper
Cite this paper
Peng, Y., Xiang, C., Gao, H., Chen, D., Ren, W. (2015). Industrial Control System Fingerprinting and Anomaly Detection. In: Rice, M., Shenoi, S. (eds) Critical Infrastructure Protection IX. ICCIP 2015. IFIP Advances in Information and Communication Technology, vol 466. Springer, Cham. https://doi.org/10.1007/978-3-319-26567-4_5
Download citation
DOI: https://doi.org/10.1007/978-3-319-26567-4_5
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-26566-7
Online ISBN: 978-3-319-26567-4
eBook Packages: Computer ScienceComputer Science (R0)