DOE CODE / / Sophia Daemon Version 12

Sophia Daemon Version 12

Full Project

For questions about obtaining this software, please contact agradmin@inl.gov.

Abstract

Sophia Daemon Version 12 contains the code that is exclusively used by the sophiad application. It runs as a service on a Linux host and analyzes network traffic obtained from libpcap and produces a network fingerprint based on hosts and channels. Sophia Daemon Version 12 can, if desired by the user, produce alerts when its fingerprint changes. Sophia Daemon Version 12 can receive data from another Sophia Daemon or raw packet data. It can output data to another Sophia Daemon Version 12, OglNet Version 12 or MySQL. Sophia Daemon Version 12 runs in a passive real-time manner that allows it to be used on a SCADA network. Its network fingerprint is designed to be applicable to SCADA networks rather than general IT networks.

Developers:: Verba, Jared ; Rueff, Gordon ; Rohde, Kenneth ; Thuen, Corey ; Erbes, Robert

Release Date:: 2012-08-09

Project Type:: Closed Source

Software Type:: Scientific

Programming Languages:: C

Sponsoring Org.:: USDOE

Primary Award/Contract Number:

AC07-05ID14517

Code ID:: 119886

Site Accession Number:: 4942; CW-12-14

Research Org.:: Idaho National Laboratory (INL), Idaho Falls, ID (United States)

Country of Origin:: United States

For questions about obtaining this software, please contact agradmin@inl.gov.

Citation Formats

Verba, Jared A., Rueff, Gordon H., Rohde, Kenneth W., Thuen, Corey W., and Erbes, Robert J. Sophia Daemon Version 12. Computer Software. USDOE. 09 Aug. 2012. Web. doi:10.11578/dc.20240117.304.

Verba, Jared A., Rueff, Gordon H., Rohde, Kenneth W., Thuen, Corey W., & Erbes, Robert J. (2012, August 09). Sophia Daemon Version 12. [Computer software]. https://doi.org/10.11578/dc.20240117.304.

Verba, Jared A., Rueff, Gordon H., Rohde, Kenneth W., Thuen, Corey W., and Erbes, Robert J. "Sophia Daemon Version 12." Computer software. August 09, 2012. https://doi.org/10.11578/dc.20240117.304.

@misc{ doecode_119886,

title = {Sophia Daemon Version 12},

author = {Verba, Jared A. and Rueff, Gordon H. and Rohde, Kenneth W. and Thuen, Corey W. and Erbes, Robert J.},

abstractNote = {Sophia Daemon Version 12 contains the code that is exclusively used by the sophiad application. It runs as a service on a Linux host and analyzes network traffic obtained from libpcap and produces a network fingerprint based on hosts and channels. Sophia Daemon Version 12 can, if desired by the user, produce alerts when its fingerprint changes. Sophia Daemon Version 12 can receive data from another Sophia Daemon or raw packet data. It can output data to another Sophia Daemon Version 12, OglNet Version 12 or MySQL. Sophia Daemon Version 12 runs in a passive real-time manner that allows it to be used on a SCADA network. Its network fingerprint is designed to be applicable to SCADA networks rather than general IT networks.},

doi = {10.11578/dc.20240117.304},

url = {https://doi.org/10.11578/dc.20240117.304},

howpublished = {[Computer Software] \url{https://doi.org/10.11578/dc.20240117.304}},

year = {2012},

month = {aug}

}

RESOURCE

SAVE / SHARE

Abstract

RESOURCE

SAVE / SHARE

Citation Formats