Açık Akademik Arşiv Sistemi

Development of the ECAT Preprocessor with the Trust Communication Approach

Show simple item record

dc.contributor.authors Akpinar, KO; Ozcelik, I;
dc.date.accessioned 2020-01-13T07:57:02Z
dc.date.available 2020-01-13T07:57:02Z
dc.date.issued 2018
dc.identifier.citation Akpinar, KO; Ozcelik, I; (2018). Development of the ECAT Preprocessor with the Trust Communication Approach. SECURITY AND COMMUNICATION NETWORKS, , -
dc.identifier.issn 1939-0114
dc.identifier.uri https://hdl.handle.net/20.500.12619/2491
dc.identifier.uri https://doi.org/10.1155/2018/2639750
dc.description.abstract In the past several years, attacks over industrial control systems (ICS) have become increasingly frequent and sophisticated. The most common objectives of these types of attacks are controlling/monitoring the physical process, manipulating programmable controllers, or affecting the integrity of software and networking equipment. As one of the widely applied protocols in the ICS world, EtherCAT is an Ethernet-based protocol; thus, it is exposed to both TCP/IP and ICS-specific attacks. In this paper, we analyze EtherCAT field-level communication principles from the security viewpoint focusing on the protocol vulnerabilities, which have been rarely analyzed previously. Our research showed that it lacks the most common security parameters, such as authentication, encryption, and authorization, and is open to Media Access Control (MAC) spoofing, data injection, and other advanced attacks, which require superior skills. To prevent, detect, and reduce attacks over the EtherCAT-based critical systems, first, we improved the open-source Snort intrusion detection/prevention system (IDS/IPS) to support packets that are not processed over transport and network layers. Second, by incorporating a vulnerability analysis, we proposed the EtherCAT (ECAT) preprocessor. Third, we introduced a novel approach called trust-node identification and applied the approach as three rules into the preprocessor. In this sense, the ECAT preprocessor differs from other supported ICS preprocessors in the literature, such as DNP3 and Modbus/TCP. Besides supporting traditional rule expansion, it is also able to handle layer 2 packets and to apply deep packet inspection on EtherCAT packets using the trust-node approach. This method first identifies engineering-station approved nodes based on EtherCAT network information (ENI) configuration files and then deeply inspects incoming packets, considering protocol specifications. The improvements and approach have been tested on the physically developed testbed environment and we have proved that proposals can detect related attacks and provide a basic level of security over the EtherCAT-implemented systems.
dc.language English
dc.publisher WILEY-HINDAWI
dc.rights info:eu-repo/semantics/openAccess
dc.rights.uri http://creativecommons.org/licenses/by/4.0/
dc.subject Telecommunications
dc.title Development of the ECAT Preprocessor with the Trust Communication Approach
dc.type Article
dc.contributor.department Sakarya Üniversitesi/Bilgisayar Ve Bilişim Bilimleri Fakültesi/Bilgisayar Mühendisliği Bölümü
dc.contributor.saüauthor Ovaz Akpınar, Kevser
dc.contributor.saüauthor Özçelik, İbrahim
dc.relation.journal SECURITY AND COMMUNICATION NETWORKS
dc.identifier.wos WOS:000431217600001
dc.identifier.doi 10.1155/2018/2639750
dc.identifier.eissn 1939-0122
dc.contributor.author Ovaz Akpınar, Kevser
dc.contributor.author Özçelik, İbrahim


Files in this item

This item appears in the following Collection(s)

Show simple item record

info:eu-repo/semantics/openAccess Except where otherwise noted, this item's license is described as info:eu-repo/semantics/openAccess