On the feasibility of device fingerprinting in industrial control systems

M. Caselli, D. Hadziosmanovic, Emmanuele Zambon, Frank Kargl

Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

6 Citations (Scopus)

Abstract

As Industrial Control Systems (ICS) and standard IT networks are becoming one heterogeneous entity, there has been an increasing effort in adjusting common security tools and methodologies to fit the industrial environment. Fingerprinting of industrial devices is still an unexplored research field. In this paper we provide an overview of standard device fingerprinting techniques and an assessment on the application feasibility in ICS infrastructures. We identify challenges that fingerprinting has to face and mechanisms to be used to obtain reliable results. Finally, we provide guidelines for implementing reliable ICS fingerprinters.
Original languageUndefined
Title of host publicationCritical Information Infrastructures Security
EditorsEric Luiijf, Pieter H. Hartel
Place of PublicationBerlin, Germany
PublisherSpringer
Pages155-166
Number of pages12
ISBN (Print)978-3-319-03963-3
DOIs
Publication statusPublished - 2013
Event8th International Conference on Critical Information Infrastructures Security, CRITIS 2013 - EYE - Film Institute Netherlands and Shell Technology Centre Amsterdam, Amsterdam, Netherlands
Duration: 16 Sep 201318 Sep 2013
Conference number: 8
http://www.critis2013.nl/

Publication series

NameLecture Notes in Computer Science
PublisherSpringer
Number8328
Volume8328
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference8th International Conference on Critical Information Infrastructures Security, CRITIS 2013
Abbreviated titleCRITIS
CountryNetherlands
CityAmsterdam
Period16/09/1318/09/13
Internet address

Keywords

  • SCS-Cybersecurity
  • EC Grant Agreement nr.: FP7-SEC-285477-CRISALIS
  • EWI-24141
  • Critical Infrastructure
  • IR-88301
  • PLC
  • Fingerprinting
  • ICS
  • METIS-300235
  • SCADA

Cite this

Caselli, M., Hadziosmanovic, D., Zambon, E., & Kargl, F. (2013). On the feasibility of device fingerprinting in industrial control systems. In E. Luiijf, & P. H. Hartel (Eds.), Critical Information Infrastructures Security (pp. 155-166). (Lecture Notes in Computer Science; Vol. 8328, No. 8328). Berlin, Germany: Springer. https://doi.org/10.1007/978-3-319-03964-0_14
Caselli, M. ; Hadziosmanovic, D. ; Zambon, Emmanuele ; Kargl, Frank. / On the feasibility of device fingerprinting in industrial control systems. Critical Information Infrastructures Security. editor / Eric Luiijf ; Pieter H. Hartel. Berlin, Germany : Springer, 2013. pp. 155-166 (Lecture Notes in Computer Science; 8328).
@inproceedings{3f0610c0505c4821b1ee687c60457ec5,
title = "On the feasibility of device fingerprinting in industrial control systems",
abstract = "As Industrial Control Systems (ICS) and standard IT networks are becoming one heterogeneous entity, there has been an increasing effort in adjusting common security tools and methodologies to fit the industrial environment. Fingerprinting of industrial devices is still an unexplored research field. In this paper we provide an overview of standard device fingerprinting techniques and an assessment on the application feasibility in ICS infrastructures. We identify challenges that fingerprinting has to face and mechanisms to be used to obtain reliable results. Finally, we provide guidelines for implementing reliable ICS fingerprinters.",
keywords = "SCS-Cybersecurity, EC Grant Agreement nr.: FP7-SEC-285477-CRISALIS, EWI-24141, Critical Infrastructure, IR-88301, PLC, Fingerprinting, ICS, METIS-300235, SCADA",
author = "M. Caselli and D. Hadziosmanovic and Emmanuele Zambon and Frank Kargl",
note = "eemcs-eprint-24141",
year = "2013",
doi = "10.1007/978-3-319-03964-0_14",
language = "Undefined",
isbn = "978-3-319-03963-3",
series = "Lecture Notes in Computer Science",
publisher = "Springer",
number = "8328",
pages = "155--166",
editor = "Eric Luiijf and Hartel, {Pieter H.}",
booktitle = "Critical Information Infrastructures Security",

}

Caselli, M, Hadziosmanovic, D, Zambon, E & Kargl, F 2013, On the feasibility of device fingerprinting in industrial control systems. in E Luiijf & PH Hartel (eds), Critical Information Infrastructures Security. Lecture Notes in Computer Science, no. 8328, vol. 8328, Springer, Berlin, Germany, pp. 155-166, 8th International Conference on Critical Information Infrastructures Security, CRITIS 2013, Amsterdam, Netherlands, 16/09/13. https://doi.org/10.1007/978-3-319-03964-0_14

On the feasibility of device fingerprinting in industrial control systems. / Caselli, M.; Hadziosmanovic, D.; Zambon, Emmanuele; Kargl, Frank.

Critical Information Infrastructures Security. ed. / Eric Luiijf; Pieter H. Hartel. Berlin, Germany : Springer, 2013. p. 155-166 (Lecture Notes in Computer Science; Vol. 8328, No. 8328).

Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

TY - GEN

T1 - On the feasibility of device fingerprinting in industrial control systems

AU - Caselli, M.

AU - Hadziosmanovic, D.

AU - Zambon, Emmanuele

AU - Kargl, Frank

N1 - eemcs-eprint-24141

PY - 2013

Y1 - 2013

N2 - As Industrial Control Systems (ICS) and standard IT networks are becoming one heterogeneous entity, there has been an increasing effort in adjusting common security tools and methodologies to fit the industrial environment. Fingerprinting of industrial devices is still an unexplored research field. In this paper we provide an overview of standard device fingerprinting techniques and an assessment on the application feasibility in ICS infrastructures. We identify challenges that fingerprinting has to face and mechanisms to be used to obtain reliable results. Finally, we provide guidelines for implementing reliable ICS fingerprinters.

AB - As Industrial Control Systems (ICS) and standard IT networks are becoming one heterogeneous entity, there has been an increasing effort in adjusting common security tools and methodologies to fit the industrial environment. Fingerprinting of industrial devices is still an unexplored research field. In this paper we provide an overview of standard device fingerprinting techniques and an assessment on the application feasibility in ICS infrastructures. We identify challenges that fingerprinting has to face and mechanisms to be used to obtain reliable results. Finally, we provide guidelines for implementing reliable ICS fingerprinters.

KW - SCS-Cybersecurity

KW - EC Grant Agreement nr.: FP7-SEC-285477-CRISALIS

KW - EWI-24141

KW - Critical Infrastructure

KW - IR-88301

KW - PLC

KW - Fingerprinting

KW - ICS

KW - METIS-300235

KW - SCADA

U2 - 10.1007/978-3-319-03964-0_14

DO - 10.1007/978-3-319-03964-0_14

M3 - Conference contribution

SN - 978-3-319-03963-3

T3 - Lecture Notes in Computer Science

SP - 155

EP - 166

BT - Critical Information Infrastructures Security

A2 - Luiijf, Eric

A2 - Hartel, Pieter H.

PB - Springer

CY - Berlin, Germany

ER -

Caselli M, Hadziosmanovic D, Zambon E, Kargl F. On the feasibility of device fingerprinting in industrial control systems. In Luiijf E, Hartel PH, editors, Critical Information Infrastructures Security. Berlin, Germany: Springer. 2013. p. 155-166. (Lecture Notes in Computer Science; 8328). https://doi.org/10.1007/978-3-319-03964-0_14