Artificial Diversity and Defense Security (ADDSec) Final Report
- Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)
Critical infrastructure systems continue to foster predictable communication patterns and static configurations over extended periods of time. The static nature of these systems eases the process of gathering reconnaissance information that can be used to design, develop, and launch attacks by adversaries. In this research effort, the early phases of an attack vector will be disrupted by randomizing application port numbers, IP addresses, and communication paths dynamically through the use of overlay networks within Industrial Control Systems (ICS). These protective measures convert static systems into "moving targets," adding an additional layer of defense. Additionally, we have developed a framework that automatically detects and defends against threats within these systems using an ensemble of machine learning algorithms that classify and categorize abnormal behavior. Our proof-of-concept has been demonstrated within a representative ICS environment. Performance metrics of our proof-of-concept have been captured with latency impacts of less than a millisecond, on average.
- Research Organization:
- Sandia National Laboratories (SNL-NM), Albuquerque, NM (United States)
- Sponsoring Organization:
- USDOE Office of Electricity Delivery and Energy Reliability (OE), Power Systems Engineering Research and Development (R&D) (OE-10); USDOE National Nuclear Security Administration (NNSA)
- DOE Contract Number:
- AC04-94AL85000; NA0003525
- OSTI ID:
- 1435900
- Report Number(s):
- SAND2018--4545; 662600
- Country of Publication:
- United States
- Language:
- English
Similar Records
Artificial Diversity and Defense Security (ADDSec)
Moving Target Defense for Space Systems [Slides]