Flow-Based Security Issue Detection in Building Automation and Control Networks
Authors | |
---|---|
Year of publication | 2012 |
Type | Article in Proceedings |
Conference | Lecture Notes in Computer Science 7479 |
MU Faculty or unit | |
Citation | |
Doi | http://dx.doi.org/10.1007/978-3-642-32808-4_7 |
Field | Informatics |
Keywords | network; security; attack; intrusion detection; entropy; flow; BACnetFlow; BACnet; building; automation |
Attached files | |
Description | The interconnection of building automation and control system networks to public networks has exposed them to a wide range of security problems. This paper provides an overview of the flow data usability to detect security issue in these networks. The flow-based monitoring inside automation and control networks is a novel approach. In this paper, we describe several use cases in which flow monitoring provides information on network activities in building automation and control systems. We demonstrate a detection of Telnet brute force attacks, access control validation and targeted attacks on building automation system network. |
Related projects: |