期刊名称:Journal of Digital Forensics, Security and Law
印刷版ISSN:1558-7215
电子版ISSN:1558-7223
出版年度:2014
卷号:9
期号:1
页码:3
出版社:Association of Digital Forensics, Security and Law
摘要:Industrial control system communication networks are vulnerable to reconnaissance, response injection, command injection, and denial of service attacks. Such attacks can lead to an inability to monitor and control industrial control systems and can ultimately lead to system failure. This can result in financial loss for control system operators and economic and safety issues for the citizens who use these services. This paper describes a set of 28 cyber attacks against industrial control systems which use the MODBUS application layer network protocol. The paper also describes a set of standalone and state based intrusion detection system rules which can be used to detect cyber attacks and to store evidence of attacks for post incident analysis. All attacks described in this paper were validated in a laboratory environment. The detection rate of the intrusion detection system rules presented by attack class is also presented.
关键词:cyber security; intrusion detection system; industrial control system; cyber physical system
