Dissecting Industrial Control Systems Protocol for Deep Packet Inspection

Guillermo Francia; Xavier P. Francia

Vol. 1 No. 1 (2013), Articles

Vol. 1 No. 1 (2013)

Dissecting Industrial Control Systems Protocol for Deep Packet Inspection

Articles

Published 2013-06-01

Guillermo Francia, III⁺⁻
Xavier P. Francia⁺⁻

Guillermo Francia, III

Jacksonville State University

Xavier P. Francia

Jacksonville State University

PDF

Keywords

Industrial Control Systems (ICS)
Network Protocols
Deep Packet Inspection
Firewall
Intrusion Prevention
SCADA

Abstract

The nation's critical infrastructures, such as those found in industrial control systems (ICS), are increasingly at risk and vulnerable to internal and external threats. One of the traditional ways of controlling external threats is through a network device called a firewall. However, given that the payload for controlling the ICS is usually encapsulated in other protocols, the tendency is for the firewall to allow packets that appear to be innocuous. These seemingly harmless packets can be carriers for sinister attacks that are buried deep into the payload. The purpose of this paper is to present the different ICS protocol header signatures for the purpose of devising deep packet inspection strategies that can be implemented in network firewalls.

PDF

Open Access License Notice:
This article is © its author(s) and licensed under the Creative Commons Attribution 4.0 International License (CC BY 4.0), regardless of any copyright or pricing statements appearing in the PDF. The PDF reflects formatting used for the print edition and not the current open access licensing policy.