Industrial network security module

Industrial network security module

Stať ve sborníku v databázi WoS či Scopus

This article is focused on a fast and efficient evaluation method of communication of theModbus/TCP protocol. Modbus/TCP does not implement authentication or communication encryp-tion. Therefore, a Modbus Security module was created, which allows sniffing specific network trafficand parsing particular information from the packets. This information is stored in the database usingPostgreSQL on each master and slave station. It evaluates whether there is an attack on the networkby comparing information in individual databases. There is an additional authentication of individ-ual stations using the created SSH connection between databases. Everything is visualised using theGrafana tool.

This article is focused on a fast and efficient evaluation method of communication of theModbus/TCP protocol. Modbus/TCP does not implement authentication or communication encryp-tion. Therefore, a Modbus Security module was created, which allows sniffing specific network trafficand parsing particular information from the packets. This information is stored in the database usingPostgreSQL on each master and slave station. It evaluates whether there is an attack on the networkby comparing information in individual databases. There is an additional authentication of individ-ual stations using the created SSH connection between databases. Everything is visualised using theGrafana tool.

Modbus/TCP; Sniffer; Scapy; Python; PostreSQL; Grafana; Security; SSH

Modbus/TCP; Sniffer; Scapy; Python; PostreSQL; Grafana; Security; SSH

KUCHAŘ, K.; HOLASOVÁ, E.

2021

13.07.2021

Vysoké učení technické v Brně, Fakulta elektrotechniky a komunikačních technologií

978-80-214-5942-7

Proceedings of the 27th, Conference STUDENT EEICT 2021

363

367

5

https://www.fekt.vut.cz/conf/EEICT/archiv/sborniky/EEICT_2021_sbornik_1.pdf