An Effective Threat Detection on ISA100.11a Network Utilizing Multi-Channel Passive Sniffers

Author(s)
Zaidi, Syed Muhammad Asad
Advisor
Ki Hyung Kim
Department
Graduate School, Department of Computer Engineering
Publisher
The Graduate School, Ajou University
Publication Year
2013-02
Language
eng
Alternative Abstract
Threat identification and diagnosis of a deployed network for the presence of any malicious element is an important task, but it has not been carefully addressed in industrial wireless sensor networks. The main reason for this is their unique characteristics and design. Although recent wireless systems for industrial automation such as ISA100.11a employ device management protocols, these protocols generate and report a large number of control packets from individual sensor nodes. Also, these protocols do not capture influences on network performance from external sources such as malicious nodes or interference from other networks. I propose a latent network diagnosis system (LaNDS) that adopts smart yet simple techniques based on packet sniffing to identify common security threats originating from any external or internal malicious node. In the proposed security framework, the first part points out some common security vulnerabilities in ISA100.11a, and the second part deals with the identification and isolation of the malicious source. A special sniffer device running LaNDS monitors the ISA100.11a network by employing passive ethical sniffing and notifies based on the characteristics and traffic patterns of active security attacks. LaNDS also evaluates network performance efficiently and instantly identifies the causes of network performance degradation. The unique part of this approach is that it does not incur additional traffic overhead for collecting the desired information or in making any decision. I also propose several implementations of sniffer devices to carry out successful and efficient security detection with packet parsing. For evaluation, I have tested LaNDS on an ISA100.11a-based sensor network in a lab environment and have validated the efficiency of the system based on the possible erroneous cases of an industrial sensor network.
URI
https://dspace.ajou.ac.kr/handle/2018.oak/9253
Appears in Collections:
Graduate School of Ajou University > Department of Computer Engineering > 3. Theses(Master)
Files in This Item:
There are no files associated with this item.
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.