Systems and methods for monitoring traffic on industrial control and building automation system networks
Abstract
Technologies relating to monitoring communications traffic to detect potential attacks on industrial control system networks and building automation system networks are described herein. In an embodiment, a monitoring device receives a plurality of communications from a control network. The monitoring device transmits the communications to a computing device. Based on the communications, the computing device generates a listing of devices that communicated by way of the control network over a period of time, and computes a volume of traffic between each pair of devices in the listing of devices. The computing device then outputs a graphical user interface (GUI) by way of display, the GUI comprising data indicative of the computed volumes of traffic, which may be indicative of a potential attack on the control network.
- Inventors:
- Issue Date:
- Research Org.: Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)
- Sponsoring Org.: USDOE National Nuclear Security Administration (NNSA)
- OSTI Identifier: 1771570
- Patent Number(s): 10819721
- Application Number: 15/899,893
- Assignee: National Technology & Engineering Solutions of Sandia, LLC (Albuquerque, NM)
- Patent Classifications (CPCs): H - ELECTRICITY; H04 - ELECTRIC COMMUNICATION TECHNIQUE; H04L - TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- DOE Contract Number: NA0003525
- Resource Type: Patent
- Resource Relation: Patent File Date: 02/20/2018
- Country of Publication: United States
- Language: English
Citation Formats
Jenkins, Chris. Systems and methods for monitoring traffic on industrial control and building automation system networks. United States: N. p., 2020. Web.
Jenkins, Chris. "Systems and methods for monitoring traffic on industrial control and building automation system networks". United States. https://www.osti.gov/servlets/purl/1771570.
@article{osti_1771570,
title = {Systems and methods for monitoring traffic on industrial control and building automation system networks},
author = {Jenkins, Chris},
abstractNote = {Technologies relating to monitoring communications traffic to detect potential attacks on industrial control system networks and building automation system networks are described herein. In an embodiment, a monitoring device receives a plurality of communications from a control network. The monitoring device transmits the communications to a computing device. Based on the communications, the computing device generates a listing of devices that communicated by way of the control network over a period of time, and computes a volume of traffic between each pair of devices in the listing of devices. The computing device then outputs a graphical user interface (GUI) by way of display, the GUI comprising data indicative of the computed volumes of traffic, which may be indicative of a potential attack on the control network.},
doi = {},
journal = {},
number = {},
volume = {},
place = {United States},
year = {2020},
month = {10}
}
Works referenced in this record:
Powerline communication network analyzer
patent, June 2016
- Moreno, Francisco Javier; Rajkotia, Purva; Tang, Phuoc
- US Patent Document 9,379,888
System and methodology providing automation security analysis and network intrusion protection in an industrial environment
patent, August 2016
- Brandt, David D.; Hall, Kenwood H.; Anderson, Mark B.
- US Patent Document 9,412,073
Device Visibility and Scanning Including Network Segments
patent-application, September 2019
- Yang, Siying
- US Patent Application 15/936180; 20190297113
Automation discovery to identify malicious activity
patent, October 2015
- Ward, Joseph; Hobson, Andrew
- US Patent Document 9,166,994
Real-time network monitoring and security
patent, January 2013
- Bennett, Mark Arwyn; Piggott, Alexander Colin; Garfield, David
- US Patent Document 8,364,833
Method of classifying data and transmitting data in a PLC network and apparatus therefor
patent, November 2012
- Choi, Jun-hae; Kim, In Hwan; Chang, Seung-gi
- US Patent Document 8,320,243
Segmentation Management Including Visualization, Configuration, Simulation, or a Combination Thereof
patent-application, January 2020
- Fainberg, Iiya; Maor, Yafit; Olswang, Amir
- US Patent Application 16/144051; 20200007396
Apparatus and Method for Security of Industrial Control Networks
patent-application, January 2016
- Crawford, Kenneth Wayne
- US Patent Application 14/663003; 20160028693
Systems and methods for log and snort synchronized threat detection
patent, October 2019
- Wang, Dagen; Rickey, Ian
- US Patent Document 10,462,170
Dynamic Policy Provisioning Within Network Security Devices
patent-application, December 2009
- Narayanaswamy, Krishna
- US Patent Application 12/468905; 20090328219
Industrial Network Security Translator
patent-application, May 2017
- Taylor, Jonathon
- US Patent Application 14/932774; 20170126745
Identifying Diagnosis-Relevant Health Information
patent-application, May 2018
- Bitran, Hadas; White, Ryen William; Yekutiel, Shabar
- US Patent Application 15/359243; 20180144101
Network Monitoring Apparatus, Network Monitoring Method, and Network Monitoring Program
patent-application, August 2010
- Mori, Hideo; Chikira, Kazuaki
- US Patent Application 12/677935; 20100218250