Publication detail

Identifying Industry Devices via Time Delay in Dataflow

POSPÍŠIL, O. FUJDIAK, R.

Original Title

Identifying Industry Devices via Time Delay in Dataflow

Type

conference paper

Language

English

Original Abstract

In networks with critical industrial processes where operational integrity is paramount, device identification is crucial for security and effective management. Without such identification, the potential for mismanagement and security breaches increases. Active scanning for network device identification poses risks, especially in industrial settings. Such scanning can disrupt operations or even cause damage. Therefore, finding non-invasive identification methods that bypass active scanning is imperative. Passive scanning, owing to its non-intrusive approach, is favored for industrial devices. Modern statistical learning techniques combined with passive scanning can mitigate risks of active methods. Our research harnesses time delay data in network communications to accurately identify specific industrial PLC models. We derive our data from timestamp details of the OPC UA protocol, widely recognized as a standard in industrial communication. Statistical variables from time delay data enhance the accuracy of passive device identification in industrial settings.

Keywords

Ics, plc, xgboost, device identification, siemens, opc ua, machine learning.

Authors

POSPÍŠIL, O.; FUJDIAK, R.

Released

3. 12. 2023

ISBN

979-8-4007-0796-4

Book

ICCNS 2023 Proceedings

Pages from

1

Pages to

5

Pages count

5

BibTex

@inproceedings{BUT187049,
  author="Ondřej {Pospíšil} and Radek {Fujdiak}",
  title="Identifying Industry Devices via Time Delay in Dataflow",
  booktitle="ICCNS 2023 Proceedings",
  year="2023",
  pages="1--5",
  doi="10.1145/3638782.3638808",
  isbn="979-8-4007-0796-4"
}