Accession Number:
AD1016384
Title:
Industrial Control System Process-Oriented Intrusion Detection (iPoid) Algorithm
Descriptive Note:
Technical Report,01 Jul 2014,30 Jun 2016
Corporate Author:
US Army Research Laboratory Cyber-Research Analytics Laboratory (ACAL) Adelphi United States
Personal Author(s):
Report Date:
2016-08-01
Pagination or Media Count:
34.0
Abstract:
This report describes the software architecture and capabilities of an industrial control system process-oriented intrusion detection iPoid algorithm developed in the Army Cyber-Research Analytics Laboratory ACAL at the US Army Research Laboratory. The iPoid algorithm performs packet inspection of Modbus transmission control protocol communications by applying rules to detect suspicious activity. ACALs iPoid creates alert messages for security analysts if further investigation is required. We illustrate the iPoid algorithm using a research intrusion-detection system. This report describes the iPoid algorithm and how its software functions, how to write the analysis rules, and how to test the software.
Descriptors:
Subject Categories:
- Computer Systems Management and Standards
- Computer Systems
- Manufacturing and Industrial Engineering and Control of Production Systems
- Safety Engineering