A symmetric address translation approach for a network layer moving target defense to secure power grid networks
Title | A symmetric address translation approach for a network layer moving target defense to secure power grid networks |
Publication Type | Conference Paper |
Year of Publication | 2017 |
Authors | Ulrich, J., Drahos, J., Govindarasu, M. |
Conference Name | 2017 Resilience Week (RWS) |
Keywords | computer network security, critical infrastructure, Cyber physical system, IP networks, IP-Hopping, Local area networks, Logic gates, Metrics, moving target defense, MTD, Network Address Translation, power grid network security, power grids, power system security, pubcrawl, Resiliency, SCADA, SCADA network, SCADA systems, scheduling, security, Substations, supervisory control and data acquisition, supervisory control and data acquisition network, symmetric address translation, symmetric packet scheduling rules, wide area networks |
Abstract | This paper will suggest a robust method for a network layer Moving Target Defense (MTD) using symmetric packet scheduling rules. The MTD is implemented and tested on a Supervisory Control and Data Acquisition (SCADA) network testbed. This method is shown to be efficient while providing security benefits to the issues faced by the static nature of SCADA networks. The proposed method is an automated tool that may provide defense in depth when be used in conjunction with other MTDs and traditional security devices. |
URL | https://ieeexplore.ieee.org/document/8088667/ |
DOI | 10.1109/RWEEK.2017.8088667 |
Citation Key | ulrich_symmetric_2017 |
- power system security
- wide area networks
- symmetric packet scheduling rules
- symmetric address translation
- supervisory control and data acquisition network
- supervisory control and data acquisition
- Substations
- security
- scheduling
- SCADA systems
- SCADA network
- SCADA
- Resiliency
- pubcrawl
- computer network security
- power grids
- power grid network security
- Network Address Translation
- MTD
- moving target defense
- Metrics
- Logic gates
- Local area networks
- IP-Hopping
- IP networks
- Cyber Physical System
- critical infrastructure