Enabling Auditing and Intrusion Detection for Proprietary Controller Area Networks

Abstract

The goal of this dissertation is to provide automated methods for security researchers to overcome 'security through obscurity' used by manufacturers of proprietary Industrial Control Systems (ICS). 'White hat' security analysts waste significant time reverse engineering these systems' opaque network configurations instead of performing meaningful security auditing tasks. Automating the process of documenting proprietary protocol configurations is intended to improve independent security auditing of ICS networks. The major contributions of this dissertation are a novel approach for unsupervised lexical analysis of binary network data flows and analysis of the time series data extracted as a result. We demonstrate the utility of these methods using Controller Area Network (CAN) data sampled from passenger vehicles.

Document Details

Document Type: Technical Report
Publication Date: Nov 21, 2018
Accession Number: AD1067742

Entities

People

  • Brent J. Stone

Organizations

  • Air Force Institute of Technology

Tags

Communities of Interest

  • Cyber
  • Energy and Power Technologies
  • Engineered Resilient Systems

DTIC Thesaurus Topics

  • Application Protocols
  • Artificial Intelligence Software
  • Automata Theory
  • Computational Science
  • Computer Languages
  • Computers
  • Data Mining
  • Data Science
  • Databases
  • Information Processing
  • Information Science
  • Machine Learning
  • Network Science
  • Predictive Modeling
  • Supervised Machine Learning

Fields of Study

  • Computer science

Readers

  • Computer Networking
  • Database Systems and Applications
  • Systems Analysis and Design