On the feasibility of device fingerprinting in industrial control systems

M. Caselli; D. Hadziosmanovic; Emmanuele Zambon; Frank Kargl

doi:10.1007/978-3-319-03964-0_14

On the feasibility of device fingerprinting in industrial control systems

M. Caselli, D. Hadziosmanovic, Emmanuele Zambon, Frank Kargl

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

17 Citations (Scopus)

9 Downloads (Pure)

Abstract

As Industrial Control Systems (ICS) and standard IT networks are becoming one heterogeneous entity, there has been an increasing effort in adjusting common security tools and methodologies to fit the industrial environment. Fingerprinting of industrial devices is still an unexplored research field. In this paper we provide an overview of standard device fingerprinting techniques and an assessment on the application feasibility in ICS infrastructures. We identify challenges that fingerprinting has to face and mechanisms to be used to obtain reliable results. Finally, we provide guidelines for implementing reliable ICS fingerprinters.

Original language	Undefined
Title of host publication	Critical Information Infrastructures Security
Editors	Eric Luiijf, Pieter H. Hartel
Place of Publication	Berlin, Germany
Publisher	Springer
Pages	155-166
Number of pages	12
ISBN (Print)	978-3-319-03963-3
DOIs	https://doi.org/10.1007/978-3-319-03964-0_14
Publication status	Published - 2013
Event	8th International Conference on Critical Information Infrastructures Security, CRITIS 2013 - EYE - Film Institute Netherlands and Shell Technology Centre Amsterdam, Amsterdam, Netherlands Duration: 16 Sept 2013 → 18 Sept 2013 Conference number: 8 http://www.critis2013.nl/

Publication series

Name	Lecture Notes in Computer Science
Publisher	Springer
Number	8328
Volume	8328
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	8th International Conference on Critical Information Infrastructures Security, CRITIS 2013
Abbreviated title	CRITIS
Country/Territory	Netherlands
City	Amsterdam
Period	16/09/13 → 18/09/13
Internet address	http://www.critis2013.nl/

Keywords

SCS-Cybersecurity
EC Grant Agreement nr.: FP7-SEC-285477-CRISALIS
EWI-24141
Critical Infrastructure
IR-88301
PLC
Fingerprinting
ICS
METIS-300235
SCADA

UN SDGs

This output contributes to the following UN Sustainable Development Goals (SDGs)

Access to Document

10.1007/978-3-319-03964-0_14

http://eprints.eemcs.utwente.nl/secure2/24141/01/chp%253A10.1007%252F978-3-319-03964-0_14.pdf

Cite this

@inproceedings{3f0610c0505c4821b1ee687c60457ec5,

title = "On the feasibility of device fingerprinting in industrial control systems",

abstract = "As Industrial Control Systems (ICS) and standard IT networks are becoming one heterogeneous entity, there has been an increasing effort in adjusting common security tools and methodologies to fit the industrial environment. Fingerprinting of industrial devices is still an unexplored research field. In this paper we provide an overview of standard device fingerprinting techniques and an assessment on the application feasibility in ICS infrastructures. We identify challenges that fingerprinting has to face and mechanisms to be used to obtain reliable results. Finally, we provide guidelines for implementing reliable ICS fingerprinters.",

keywords = "SCS-Cybersecurity, EC Grant Agreement nr.: FP7-SEC-285477-CRISALIS, EWI-24141, Critical Infrastructure, IR-88301, PLC, Fingerprinting, ICS, METIS-300235, SCADA",

author = "M. Caselli and D. Hadziosmanovic and Emmanuele Zambon and Frank Kargl",

note = "eemcs-eprint-24141 ; 8th International Conference on Critical Information Infrastructures Security, CRITIS 2013 ; Conference date: 16-09-2013 Through 18-09-2013",

year = "2013",

doi = "10.1007/978-3-319-03964-0_14",

language = "Undefined",

isbn = "978-3-319-03963-3",

series = "Lecture Notes in Computer Science",

publisher = "Springer",

number = "8328",

pages = "155--166",

editor = "Eric Luiijf and Hartel, {Pieter H.}",

booktitle = "Critical Information Infrastructures Security",

address = "Germany",

url = "http://www.critis2013.nl/",

}

Caselli, M, Hadziosmanovic, D, Zambon, E & Kargl, F 2013, On the feasibility of device fingerprinting in industrial control systems. in E Luiijf & PH Hartel (eds), Critical Information Infrastructures Security. Lecture Notes in Computer Science, no. 8328, vol. 8328, Springer, Berlin, Germany, pp. 155-166, 8th International Conference on Critical Information Infrastructures Security, CRITIS 2013, Amsterdam, Netherlands, 16/09/13. https://doi.org/10.1007/978-3-319-03964-0_14

On the feasibility of device fingerprinting in industrial control systems. / Caselli, M.; Hadziosmanovic, D.; Zambon, Emmanuele et al.
Critical Information Infrastructures Security. ed. / Eric Luiijf; Pieter H. Hartel. Berlin, Germany: Springer, 2013. p. 155-166 (Lecture Notes in Computer Science; Vol. 8328, No. 8328).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

TY - GEN

T1 - On the feasibility of device fingerprinting in industrial control systems

AU - Caselli, M.

AU - Hadziosmanovic, D.

AU - Zambon, Emmanuele

AU - Kargl, Frank

N1 - Conference code: 8

PY - 2013

Y1 - 2013

N2 - As Industrial Control Systems (ICS) and standard IT networks are becoming one heterogeneous entity, there has been an increasing effort in adjusting common security tools and methodologies to fit the industrial environment. Fingerprinting of industrial devices is still an unexplored research field. In this paper we provide an overview of standard device fingerprinting techniques and an assessment on the application feasibility in ICS infrastructures. We identify challenges that fingerprinting has to face and mechanisms to be used to obtain reliable results. Finally, we provide guidelines for implementing reliable ICS fingerprinters.

AB - As Industrial Control Systems (ICS) and standard IT networks are becoming one heterogeneous entity, there has been an increasing effort in adjusting common security tools and methodologies to fit the industrial environment. Fingerprinting of industrial devices is still an unexplored research field. In this paper we provide an overview of standard device fingerprinting techniques and an assessment on the application feasibility in ICS infrastructures. We identify challenges that fingerprinting has to face and mechanisms to be used to obtain reliable results. Finally, we provide guidelines for implementing reliable ICS fingerprinters.

KW - SCS-Cybersecurity

KW - EC Grant Agreement nr.: FP7-SEC-285477-CRISALIS

KW - EWI-24141

KW - Critical Infrastructure

KW - IR-88301

KW - PLC

KW - Fingerprinting

KW - ICS

KW - METIS-300235

KW - SCADA

U2 - 10.1007/978-3-319-03964-0_14

DO - 10.1007/978-3-319-03964-0_14

M3 - Conference contribution

SN - 978-3-319-03963-3

T3 - Lecture Notes in Computer Science

SP - 155

EP - 166

BT - Critical Information Infrastructures Security

A2 - Luiijf, Eric

A2 - Hartel, Pieter H.

PB - Springer

CY - Berlin, Germany

T2 - 8th International Conference on Critical Information Infrastructures Security, CRITIS 2013

Y2 - 16 September 2013 through 18 September 2013

ER -