
Authors: Florian Patzer 1 ; Ankush Meshram 2 and Maximilian Heß 1

Affiliations: 1 Fraunhofer Institute of Optronics, System Technologies and Image Exploitation (IOSB), Karlsruhe, Germany ; 2 Vision and Fusion Laboratory (IES), Karlsruhe Institute of Technology (KIT), Karlsruhe, Germany

Keyword(s): Incident Response, SDN Security, Industrial Control Systems, ICS Security, Software-defined Networking.

Related Ontology Subjects/Areas/Topics: Internet Technology ; Intrusion Detection and Response ; Web Information Systems and Technologies

Abstract: Modern technologies and concepts for Industrial Control Systems (ICS) are evolving towards high flexibility of processes and respectively networks. Such dynamic networks are already functioning well, for example in data centres. This is enabled by application of the Software-defined Networking (SDN) paradigm. For this reason, ICS is currently adopting SDN. The concept of having a centralized view of the network and generating packet forwarding rules to control it enables performing automated responses to network events and classified incidents via SDN. This automation can provide timely and, due to the holistic view of the network, accurate incident response actions. However, availability, safety, real-time and redundancy requirements within the ICS domain restrict the application of such an automated approach. At present, SDN-based incident response (SDN-IR) does not take into consideration these requirements. In this work, we identify possible SDN-based response actions to ICS incidents and introduce classification of assets and links. Furthermore, we present a concept for SDN-IR where a predefined rule set restricts the response actions based on the asset’s classification thereby satisfying ICS specific requirements. Subsequently, we describe and evaluate a prototype implementation of this concept, built with the open-source SDN platform OpenDaylight and the SDN protocol OpenFlow.

CC BY-NC-ND 4.0


Paper citation in several formats:
Patzer, F.; Meshram, A. and Heß, M. (2019). Automated Incident Response for Industrial Control Systems Leveraging Software-defined Networking. In Proceedings of the 5th International Conference on Information Systems Security and Privacy - ICISSP; ISBN 978-989-758-359-9; ISSN 2184-4356, SciTePress, pages 319-327. DOI: 10.5220/0007359503190327

@conference{icissp19,
author={Florian Patzer and Ankush Meshram and Maximilian Heß},
title={Automated Incident Response for Industrial Control Systems Leveraging Software-defined Networking},
booktitle={Proceedings of the 5th International Conference on Information Systems Security and Privacy - ICISSP},
year={2019},
pages={319-327},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0007359503190327},
isbn={978-989-758-359-9},
issn={2184-4356},
}

TY - CONF

JO - Proceedings of the 5th International Conference on Information Systems Security and Privacy - ICISSP
TI - Automated Incident Response for Industrial Control Systems Leveraging Software-defined Networking
SN - 978-989-758-359-9
IS - 2184-4356
AU - Patzer, F.
AU - Meshram, A.
AU - Heß, M.
PY - 2019
SP - 319
EP - 327
DO - 10.5220/0007359503190327
PB - SciTePress