Softwarization of SCADA: Lightweight statistical SDN-agents for anomaly detection / Rinaldi, Giulia; Adamsky, Florian; Soua, Ridha; Baiocchi, Andrea; Engel, Thomas. - (2019), pp. 102-109. (Paper presented at the International Conference on Networks of the Future (NoF), held in Rome, Italy) [10.1109/NoF47743.2019.9014929].

Softwarization of SCADA: Lightweight statistical SDN-agents for anomaly detection

Baiocchi Andrea;
2019

Abstract

Given the importance of early anomaly detection, Intrusion Detection Systems (IDSs) are introduced in Supervisory Control And Data Acquisition (SCADA). Agents or probes form the cornerstone of any IDS by capturing network packets and extracting relevant information. However, IDSs are facing unprecedented challenges due to the escalation in the number, scale and diversity of attacks. Software-Defined Network (SDN) then comes into play and can provide the required flexibility and scalability. Building on that, we introduce Traffic Agent Controllers (TACs) that monitor SDN-enabled switches via OpenFlow. By using lightweight statistical metrics such as Kullback-Leibler Divergence (KLD), we are able to detect the slightest anomalies, such as stealth port scans, even in the presence of background traffic. The obtained metrics can also be used to locate the anomalies with precision over 90% inside a hierarchical network topology.
International Conference on Networks of the Future (NoF)
SCADA; network traffic security; traffic; SDN
04 Publication in conference proceedings::04b Conference paper in volume
Files attached to this item
File: Rinaldi_Softwarization_2019.pdf
Access: archive managers only
Note: https://ieeexplore.ieee.org/document/9014929
Type: Publisher's version (published version with the publisher's layout)
License: All rights reserved
Size: 340.9 kB
Format: Adobe PDF

Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.

Use this identifier to cite or link to this document: https://hdl.handle.net/11573/1553751
Citations
  • Scopus 6