SIA OpenIR  > 工业控制网络与系统研究室
Software-defined data flow detection and control approach for industrial modbus/TCP communication
Wan M(万明)1,3; Song Y(宋岩)2,3; Jing, Yuan1; Wang ZW(王照伟)3; Zhao JM(赵剑明)3; Zhang, Zhongshui4
Department工业控制网络与系统研究室
Conference Name3rd International Conference on Intelligent, Interactive Systems and Applications, IISA2018
Conference DateJune 29-30, 2018
Conference PlaceHongKong, China
Source PublicationAdvances in Intelligent, Interactive Systems and Applications - Proceedings of the 3rd International Conference on Intelligent, Interactive Systems and Applications IISA2018
PublisherSpringer Verlag
Publication PlaceBerlin
2019
Pages722-729
Indexed ByEI
EI Accession number20190606484556
Contribution Rank1
ISSN2194-5357
ISBN978-3-030-02803-9
KeywordModbus/TCP SDN Flow detection and control Cyber security
AbstractThere is an increasing consensus that software-defined networking may become a successful case to provide fine scalability and availability for industrial Internet, and it also brings new opportunities for the development of industrial cyber security. Aligning with the defense in depth strategy, this paper proposes a software-defined data flow detection and control approach for industrial Modbus/TCP communication. Furthermore, this approach designs a novel security strategy configuration service in SDN controllers to publish the flow control rules, and SDN switches match Modbus/TCP data flows with these flow control rules to detect and control abnormal communication behaviors. Specifically, a flow control rule database which stores all flow control rules of the entire control system is managed by SDN controllers, and a security flow table is maintained by each SDN switch according to different requirements of industrial communication. By using the DPI (Deep Packet Inspection) technology, this approach can run a deep analysis of Modbus/TCP packets according to the protocol specification, and block the improper control commands or undesired technology parameters. The qualitative analysis shows that the proposed approach possesses certain advantages and feasibilities.
Language英语
Document Type会议论文
Identifierhttp://ir.sia.cn/handle/173321/24163
Collection工业控制网络与系统研究室
Corresponding AuthorWan M(万明)
Affiliation1.School of Information, Liaoning University, Shenyang 110036, China
2.School of Physics, Liaoning University, Shenyang
3.110036, China
4.Shenyang Institute of Automation Chinese Academy of Sciences, Shenyang 110016, China
5.CNGC North Automatic Control Technology Institute, Taiyuan 030006, China
Recommended Citation
GB/T 7714
Wan M,Song Y,Jing, Yuan,et al. Software-defined data flow detection and control approach for industrial modbus/TCP communication[C]. Berlin:Springer Verlag,2019:722-729.
Files in This Item: Download All
File Name/Size DocType Version Access License
Software-Defined Dat(310KB)会议论文 开放获取CC BY-NC-SAView Download
Related Services
Recommend this item
Bookmark
Usage statistics
Export to Endnote
Google Scholar
Similar articles in Google Scholar
[Wan M(万明)]'s Articles
[Song Y(宋岩)]'s Articles
[Jing, Yuan]'s Articles
Baidu academic
Similar articles in Baidu academic
[Wan M(万明)]'s Articles
[Song Y(宋岩)]'s Articles
[Jing, Yuan]'s Articles
Bing Scholar
Similar articles in Bing Scholar
[Wan M(万明)]'s Articles
[Song Y(宋岩)]'s Articles
[Jing, Yuan]'s Articles
Terms of Use
No data!
Social Bookmark/Share
File name: Software-Defined Data Flow Detection and Control Approach for Industrial Modbus_TCP Communication.pdf
Format: Adobe PDF
All comments (0)
No comment.
 

Items in the repository are protected by copyright, with all rights reserved, unless otherwise indicated.