Obfuscation of Critical Infrastructure Network Traffic Using Fake Communication

  • Sungho Jeon
  • Jeong-Han YunEmail author
  • Woo-Nyon Kim
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8985)


The tendency in cyber attacks has evolved from ones immediately causing abnormal operations to advanced attacks after information extraction by traffic sniffing. In particular, the unchanging characteristics of CIS networks are more susceptible to advanced attacks through information extraction. In this paper, we suggest the concept of an obfuscation method for CIS network traffic to interfere with information extraction. We investigated the characteristics of CIS traffic as found from real data. Based on our observations, we propose a method of creating fake communication to make the best use of surplus network bandwidth. We show that our method can vary the characteristics of a CIS network to prevent information extraction by sniffing.


Critical infrastructure network traffic protection Fake communication 


  1. 1.
    Düssel, P., Gehl, C., Laskov, P., Bußer, J.-U., Störmann, C., Kästner, J.: Cyber-critical infrastructure protection using real-time payload-based anomaly detection. In: Rome, E., Bloomfield, R. (eds.) CRITIS 2009. LNCS, vol. 6027, pp. 85–97. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  2. 2.
    Karnouskos, S., Colombo, A.W.: Architecting the next generation of service-based scada/dcs system of systems. In: IECON 2011–37th Annual Conference on IEEE Industrial Electronics Society, pp. 359–364. IEEE (2011)Google Scholar
  3. 3.
    MicroWorks, T.: Dnp3 overview. Raleigh, North Carolina (2002).

Copyright information

© Springer International Publishing Switzerland 2016

Authors and Affiliations

  1. 1.The Attached Institute of ETRIDaejeonSouth Korea

Personalised recommendations