skip to main content


Title: Autonomic Intelligent Cyber Sensor to Support Industrial Control Network Awareness

The proliferation of digital devices in a networked industrial ecosystem, along with an exponential growth in complexity and scope, has resulted in elevated security concerns and management complexity issues. This paper describes a novel architecture utilizing concepts of Autonomic computing and a SOAP based IF-MAP external communication layer to create a network security sensor. This approach simplifies integration of legacy software and supports a secure, scalable, self-managed framework. The contribution of this paper is two-fold: 1) A flexible two level communication layer based on Autonomic computing and Service Oriented Architecture is detailed and 2) Three complementary modules that dynamically reconfigure in response to a changing environment are presented. One module utilizes clustering and fuzzy logic to monitor traffic for abnormal behavior. Another module passively monitors network traffic and deploys deceptive virtual network hosts. These components of the sensor system were implemented in C++ and PERL and utilize a common internal D-Bus communication mechanism. A proof of concept prototype was deployed on a mixed-use test network showing the possible real world applicability. In testing, 45 of the 46 network attached devices were recognized and 10 of the 12 emulated devices were created with specific Operating System and port configurations. Additionally themore » anomaly detection algorithm achieved a 99.9% recognition rate. All output from the modules were correctly distributed using the common communication structure.« less
 [1] ;  [2] ;  [3]
  1. Idaho National Lab. (INL), Idaho Falls, ID (United States)
  2. Univ. of Idaho, Idaho Falls, ID (United States)
  3. Expedia Incorporated, Bellevue, WA (United States)
Publication Date:
Report Number(s):
Journal ID: ISSN 1551-3203
Grant/Contract Number:
Accepted Manuscript
Journal Name:
IEEE Transactions on Industrial Informatics
Additional Journal Information:
Journal Volume: 10; Journal Issue: 2; Journal ID: ISSN 1551-3203
Research Org:
Idaho National Lab. (INL), Idaho Falls, ID (United States)
Sponsoring Org:
USDOE Office of Electricity Delivery and Energy Reliability (OE)
Country of Publication:
United States
97 MATHEMATICS AND COMPUTING; Autonomic Computing; control systems; industrial ecosystems; network security; service oriented architecture
OSTI Identifier: