Critical infrastructures are falsely believed to be safe when they are isolated from the Internet. However, the recent appearance of Stuxnet demonstrated that isolated networks are no longer safe. We observe that a better intrusion detection scheme can be established based on the unique features of critical infrastructures. In this paper, we propose a whitelist-based detection system. Network and application-level whitelists are proposed, which are combined to form a novel cross-layer whitelist. Through experiments, we confirm that the proposed whitelists can exactly detect attack packets, which cannot be achieved by existing schemes.
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
YoungHwa JANG, InCheol SHIN, Byung-gil MIN, Jungtaek SEO, MyungKeun YOON, "Whitelisting for Critical IT-Based Infrastructure" in IEICE TRANSACTIONS on Communications, vol. E96-B, no. 4, pp. 1070-1074, April 2013, doi: 10.1587/transcom.E96.B.1070.
Abstract: Critical infrastructures are falsely believed to be safe when they are isolated from the Internet. However, the recent appearance of Stuxnet demonstrated that isolated networks are no longer safe. We observe that a better intrusion detection scheme can be established based on the unique features of critical infrastructures. In this paper, we propose a whitelist-based detection system. Network and application-level whitelists are proposed, which are combined to form a novel cross-layer whitelist. Through experiments, we confirm that the proposed whitelists can exactly detect attack packets, which cannot be achieved by existing schemes.
URL: https://globals.ieice.org/en_transactions/communications/10.1587/transcom.E96.B.1070/_p
@ARTICLE{e96-b_4_1070,
author={YoungHwa JANG and InCheol SHIN and Byung-gil MIN and Jungtaek SEO and MyungKeun YOON},
journal={IEICE TRANSACTIONS on Communications},
title={Whitelisting for Critical IT-Based Infrastructure},
year={2013},
volume={E96-B},
number={4},
pages={1070-1074},
abstract={Critical infrastructures are falsely believed to be safe when they are isolated from the Internet. However, the recent appearance of Stuxnet demonstrated that isolated networks are no longer safe. We observe that a better intrusion detection scheme can be established based on the unique features of critical infrastructures. In this paper, we propose a whitelist-based detection system. Network and application-level whitelists are proposed, which are combined to form a novel cross-layer whitelist. Through experiments, we confirm that the proposed whitelists can exactly detect attack packets, which cannot be achieved by existing schemes.},
keywords={},
doi={10.1587/transcom.E96.B.1070},
ISSN={1745-1345},
month={April},}
TY - JOUR
TI - Whitelisting for Critical IT-Based Infrastructure
T2 - IEICE TRANSACTIONS on Communications
SP - 1070
EP - 1074
AU - YoungHwa JANG
AU - InCheol SHIN
AU - Byung-gil MIN
AU - Jungtaek SEO
AU - MyungKeun YOON
PY - 2013
DO - 10.1587/transcom.E96.B.1070
JO - IEICE TRANSACTIONS on Communications
SN - 1745-1345
VL - E96-B
IS - 4
JA - IEICE TRANSACTIONS on Communications
Y1 - April 2013
AB - Critical infrastructures are falsely believed to be safe when they are isolated from the Internet. However, the recent appearance of Stuxnet demonstrated that isolated networks are no longer safe. We observe that a better intrusion detection scheme can be established based on the unique features of critical infrastructures. In this paper, we propose a whitelist-based detection system. Network and application-level whitelists are proposed, which are combined to form a novel cross-layer whitelist. Through experiments, we confirm that the proposed whitelists can exactly detect attack packets, which cannot be achieved by existing schemes.
ER -