Abstract
This paper surveys and provides experimental results related to network design techniques focused on enhancing the security of industrial control systems. It analyzes defense-in-depth strategies, network segmentation, network firewall configurations and the role of intrusion prevention systems, intrusion detection systems and anomaly detection systems. The paper also studies the applicability of emerging technologies in the area of IP networks, including software-defined networking, network functions virtualization and next generation firewalls in securing industrial control systems. The main contribution of this paper is the experimental assessment of existing and future network design approaches in the presence of real malware (e.g., Stuxnet) and synthetic attacks (e.g., denial-of-service attacks). The experimental results confirm the importance of defense-in-depth strategies and also highlight the embryonic state of software-defined networking security, which requires profound transformation and validation in order to be embraced by the industrial control system community.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callMore From: International Journal of Critical Infrastructure Protection
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
