OSTI.GOV, U.S. Department of Energy
Office of Scientific and Technical Information

Title: Artificial Diversity and Defense Security (ADDSec) Final Report

Abstract

Critical infrastructure systems continue to foster predictable communication patterns and static configurations over extended periods of time. The static nature of these systems eases the process of gathering reconnaissance information that can be used to design, develop, and launch attacks by adversaries. In this research effort, the early phases of an attack vector will be disrupted by randomizing application port numbers, IP addresses, and communication paths dynamically through the use of overlay networks within Industrial Control Systems (ICS). These protective measures convert static systems into "moving targets," adding an additional layer of defense. Additionally, we have developed a framework that automatically detects and defends against threats within these systems using an ensemble of machine learning algorithms that classify and categorize abnormal behavior. Our proof-of-concept has been demonstrated within a representative ICS environment. Performance metrics of our proof-of-concept have been captured with latency impacts of less than a millisecond, on average.

Authors:
Chavez, Adrian R. [1]; Hamlet, Jason [1]; Stout, William M.S. [1]
  1. Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)
Publication Date:
Research Org.:
Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)
Sponsoring Org.:
USDOE Office of Electricity Delivery and Energy Reliability (OE), Power Systems Engineering Research and Development (R&D) (OE-10); USDOE National Nuclear Security Administration (NNSA)
OSTI Identifier:
1435900
Report Number(s):
SAND2018-4545
662600
DOE Contract Number:  
AC04-94AL85000; NA0003525
Resource Type:
Technical Report
Country of Publication:
United States
Language:
English
Subject:
97 MATHEMATICS AND COMPUTING

Citation Formats

Chavez, Adrian R., Hamlet, Jason, and Stout, William M.S. Artificial Diversity and Defense Security (ADDSec) Final Report. United States: N. p., 2018. Web. doi:10.2172/1435900.
Chavez, Adrian R., Hamlet, Jason, & Stout, William M.S. Artificial Diversity and Defense Security (ADDSec) Final Report. United States. doi:10.2172/1435900.
Chavez, Adrian R., Hamlet, Jason, and Stout, William M.S. Sun . "Artificial Diversity and Defense Security (ADDSec) Final Report". United States. doi:10.2172/1435900. https://www.osti.gov/servlets/purl/1435900.
@article{osti_1435900,
title = {Artificial Diversity and Defense Security (ADDSec) Final Report},
author = {Chavez, Adrian R. and Hamlet, Jason and Stout, William M.S.},
abstractNote = {Critical infrastructure systems continue to foster predictable communication patterns and static configurations over extended periods of time. The static nature of these systems eases the process of gathering reconnaissance information that can be used to design, develop, and launch attacks by adversaries. In this research effort, the early phases of an attack vector will be disrupted by randomizing application port numbers, IP addresses, and communication paths dynamically through the use of overlay networks within Industrial Control Systems (ICS). These protective measures convert static systems into "moving targets," adding an additional layer of defense. Additionally, we have developed a framework that automatically detects and defends against threats within these systems using an ensemble of machine learning algorithms that classify and categorize abnormal behavior. Our proof-of-concept has been demonstrated within a representative ICS environment. Performance metrics of our proof-of-concept have been captured with latency impacts of less than a millisecond, on average.},
doi = {10.2172/1435900},
journal = {},
number = {},
volume = {},
place = {United States},
year = {2018},
month = {4}
}
