
A Comprehensive IIoT Security Framework: Proactive Vulnerability Analysis and Reactive Anomaly Detection

Abstract/Summary

With the advent of the Industrial Internet of Things (IIoT) era, industrial control systems have become more efficient to operate; however, the risk of security incidents in field devices has increased because the boundaries between layers are disappearing and connections with the outside are increasing. Industrial control systems (ICS) have suffered from advanced attacks, such as advanced persistent threats (APT), that use zero-day vulnerabilities. To cope with these advanced attacks, it is necessary to apply vulnerability analysis and intrusion detection systems; however, since most industrial facilities are still operating without security considerations, security incidents are expected to continue. In this thesis, we propose a comprehensive security framework composed of proactive and reactive technologies for IIoT security to respond to attacks on ICS. The proposed framework consists of two protocol vulnerability analysis methods and two abnormal behavior detection methods that can be applied to various environments using general ICS characteristics. For protocol vulnerability analysis, we propose a black box-based vulnerability analysis technique that can be performed for all protocol stacks. We verified the effectiveness of the proposed techniques through experiments with ICS communication protocols. For anomaly detection, we propose two deep learning-based anomaly detection techniques that minimize the data analysis process so that they can be used even in small-scale factories and in various domains. We verified the effectiveness of these two techniques experimentally.


Table of Contents

Chapter 1 Introduction
1.1 Overall Framework
1.2 Contribution to the Field
1.3 Thesis outline
Chapter 2 Background
2.1 ICS changes by the 4th industrial revolution
2.2 Related works of fuzzing test for IIoT
2.3 Related works of intrusion detection for IIoT
Chapter 3 Black box Fuzzing Test for IIoT
3.1 Introduction
3.2 Field classification based fuzzing test case generation
3.3 Smart seed selection-based effective black box fuzzing
3.4 Discussion
Chapter 4 Deep learning based Anomaly Detection for IIoT
4.1 Introduction
4.2 Autoencoder Based Payload Anomaly Detection
4.3 Communication Pattern based Anomaly Detection
4.4 Discussion
Chapter 5 Conclusion
5.1 Summary
5.2 Future Work
5.3 Closing Remark
