ВГ
Да блеф это, ни чего не будет, пару банков задосят и на этом закончится
The Standoff
https://standoff365.com/ru
Size: a a a
2020 October 09
2020 October 10
M
Пост выходного дня. Мини-комикс про инопланетную криптографию.
M
😂 криптография в АСУТП
GT
Уже неделю ходит. Но до сих пор забавно))
M
Как говорится, на злобу дня )
GT
:)
IV
Marina S
Сейчас уже нет, как бы всем не хотелось. Железо очень быстро устаревает, запчасти к нему уже не купить через 8-10 лет, а старые версии Скады с новыми версиями ОС перестают работать. А с контроллерами и того быстрее. Надо констатировать, что с 20-25 лет срок службы сократился до 10 максимум.
Я бы сказал не до 10, а до 3-5 лет
MS
😂 криптография в АСУТП
Это не про криптографию, а про бэкапирование и резервирование)
MD
Здравствуйте, не подскажите интересные репозитории на гитхабе, где могут лежать интересные вещи для ICS, по типу pcap/malware samples/NSE скрипты для nmap-a и т.д.
AS
Здравствуйте, не подскажите интересные репозитории на гитхабе, где могут лежать интересные вещи для ICS, по типу pcap/malware samples/NSE скрипты для nmap-a и т.д.
AS
MD
2020 October 11
М
A New Burst-DFA model for SCADA Anomaly Detection
In Industrial Control Systems (ICS/SCADA), machine to machine data traffic is highly periodic. Past work showed that in many cases, it is possible to model the traffic between each individual Programmable Logic Controller (PLC) and the SCADA server by a cyclic Deterministic Finite Automaton (DFA), and to use the model to detect anomalies in the traffic. However, a recent analysis of network traffic in a water facility in the U.S, showed that cyclic-DFA models have limitations. In our research, we examine the same data corpus; our study shows that the communication on all of the channels in the network is done in bursts of packets, and that the bursts have semantic meaning—the order within a burst depends on the messages. Using these observations, we suggest a new burst- DFA model that fits the data much better than previous work. Our model treats the traffic on each channel as a series of bursts, and matches each burst to the DFA, taking the burst’s beginning and end into account. Our burst-DFA model successfully explains between 95% and 99% of the packets in the data-corpus, and goes a long way toward the construction of a practical anomaly detection system.
https://www.researchgate.net/profile/Avishai_Wool/publication/320745600_A_New_Burst-DFA_model_for_SCADA_Anomaly_Detection/links/5cc93aab92851c8d2210625d/A-New-Burst-DFA-model-for-SCADA-Anomaly-Detection.pdf?origin=publication_detail
In Industrial Control Systems (ICS/SCADA), machine to machine data traffic is highly periodic. Past work showed that in many cases, it is possible to model the traffic between each individual Programmable Logic Controller (PLC) and the SCADA server by a cyclic Deterministic Finite Automaton (DFA), and to use the model to detect anomalies in the traffic. However, a recent analysis of network traffic in a water facility in the U.S, showed that cyclic-DFA models have limitations. In our research, we examine the same data corpus; our study shows that the communication on all of the channels in the network is done in bursts of packets, and that the bursts have semantic meaning—the order within a burst depends on the messages. Using these observations, we suggest a new burst- DFA model that fits the data much better than previous work. Our model treats the traffic on each channel as a series of bursts, and matches each burst to the DFA, taking the burst’s beginning and end into account. Our burst-DFA model successfully explains between 95% and 99% of the packets in the data-corpus, and goes a long way toward the construction of a practical anomaly detection system.
https://www.researchgate.net/profile/Avishai_Wool/publication/320745600_A_New_Burst-DFA_model_for_SCADA_Anomaly_Detection/links/5cc93aab92851c8d2210625d/A-New-Burst-DFA-model-for-SCADA-Anomaly-Detection.pdf?origin=publication_detail