Flow-Based Security Issue Detection in Building Automation and Control Networks

Authors

ČELEDA Pavel, KREJČÍ Radek, KRMÍČEK Vojtěch

Year of publication 2012
Type Article in Proceedings
Conference Lecture Notes in Computer Science 7479
MU Faculty or unit

Institute of Computer Science

Citation
Doi http://dx.doi.org/10.1007/978-3-642-32808-4_7
Field Informatics
Keywords network; security; attack; intrusion detection; entropy; flow; BACnetFlow; BACnet; building; automation
Description The interconnection of building automation and control system networks to public networks has exposed them to a wide range of security problems. This paper provides an overview of the usability of flow data for detecting security issues in these networks. Flow-based monitoring inside automation and control networks is a novel approach. In this paper, we describe several use cases in which flow monitoring provides information on network activities in building automation and control systems. We demonstrate the detection of Telnet brute-force attacks, access control validation, and targeted attacks on a building automation system network.