Towards an In-depth Understanding of Deep Packet Inspection Using a Suite of Industrial Control Systems Protocol Packets

Industrial control systems (ICS) are increasingly at risk and vulnerable to internal and external threats. These systems are integral part of our nation’s critical infrastructures. Consequently, a successful cyberattack on one of these could present disastrous consequences to human life and property as well. It is imperative that cybersecurity professionals gain a good understanding of these systems particularly in the area of communication protocols. Traditional Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) are made to encapsulate some of these ICS protocols which may enable malicious payload to get through the network firewall and thus, gain entry into the network. This paper describes technical details on various ICS protocols and a suite of ICS protocol packets for the purpose of providing digital forensic materials for laboratory exercises toward a better understanding of the inner workings of ICS communications. Further, these artifacts can be useful in devising deep packet inspection (DPI) strategies that can be implemented in network firewalls, in expanding challenge materials for cyber competitions, and in attribution, vulnerability assessment, and penetration testing research in ICS security

Pedagogical Resources for Industrial Control Systems Security: Design, Implementation, Conveyance, and Evaluation

Industrial Control Systems (ICS), which are pervasive in our nation’s critical infrastructures, are becoming increasingly at risk and vulnerable to internal and external threats. It is imperative that the future workforce be educated and trained on the security of such systems. However, it is equally important that careful and deliberate considerations must be exercised in designing and implementing the educational and training activities that pertain to ICS. To that end, we designed and implemented pedagogical materials and tools to facilitate the teaching and learning processes in the area of ICS security. In this paper, we describe those resources, the professional development workshop to disseminate the curriculum materials, and the evaluation results pertaining to those artifacts and activities

Towards an In-depth Understanding of Deep Packet Inspection Using a Suite of Industrial Control Systems Protocol Packets

Industrial control systems (ICS) are increasingly at risk and vulnerable to internal and external threats. These systems are integral part of our nation’s critical infrastructures. Consequently, a successful cyberattack on one of these could present disastrous consequences to human life and property as well. It is imperative that cybersecurity professionals gain a good understanding of these systems particularly in the area of communication protocols. Traditional Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) are made to encapsulate some of these ICS protocols which may enable malicious payload to get through the network firewall and thus, gain entry into the network. This paper describes technical details on various ICS protocols and a suite of ICS protocol packets for the purpose of providing digital forensic materials for laboratory exercises toward a better understanding of the inner workings of ICS communications. Further, these artifacts can be useful in devising deep packet inspection (DPI) strategies that can be implemented in network firewalls, in expanding challenge materials for cyber competitions, and in attribution, vulnerability assessment, and penetration testing research in ICS security. We also present software tools that are available for free download on the Internet that could be used to generate simulated ICS and Supervisory Control and Data Acquisition (SCADA) communication packets for research and pedagogical purposes. Finally, we conclude the paper by presenting possible research avenues that can be pursued as extensions to this seminal work on ICS security. Prominent among these possible extensions is the expansion of the ICS packet suite to include those protocols in the wireless domain such as Wi-Fi (802.11), Bluetooth, Zigbee, and other protocols that utilizes proprietary Radio Frequency

The Impact of Culture on Global Information Security Regulations

The balance between individual privacy and information and security assurance (ISA) regulations is a fluid debate that has many different facets. The objective of this early research is to examine the impact that culture has on ISA regulations. In particular, we examine how internationally accepted ISA policies are adopted in disparate cultures. Multiple interviews were conducted in Thailand with individuals with requisite knowledge on how Internet security was applied in their country. A discussion of these findings is presented, categorized by national culture dimensions and illustrated with examples, followed by some concluding remarks

Pedagogical Resources for Industrial Control Systems Security: Design, Implementation, Conveyance, and Evaluation

Industrial Control Systems (ICS), which are pervasive in our nation’s critical infrastructures, are becoming increasingly at risk and vulnerable to internal and external threats. It is imperative that the future workforce be educated and trained on the security of such systems. However, it is equally important that careful and deliberate considerations must be exercised in designing and implementing the educational and training activities that pertain to ICS. To that end, we designed and implemented pedagogical materials and tools to facilitate the teaching and learning processes in the area of ICS security. In this paper, we describe those resources, the professional development workshop to disseminate the curriculum materials, and the evaluation results pertaining to those artifacts and activities

A stochastic model of an industrial control system kill chain.

9th Annual Cyber Security Summit, held June 6-8, 2017 at the Von Braun Center in Huntsville, Alabama.; 7 page

Data collection and generation for radio frequency signal security

The current proliferation of unmanned aerial systems (UASs) for a wide range of applications ranging from commercial to defence purposes demands the need for their protection. The development of security tools and techniques will need realistic radio frequency (RF) datasets for research and testing. This chapter presents an on-going research and development effort to produce RF signal datasets that can be used for the development and testing of machine learning (ML) systems. We envision that these systems will ultimately be the precursor of future autonomous and secure UAS to benefit society for many generations.Conference Pape