Development of Industrial Network Forensics Lessons
| Title | Development of Industrial Network Forensics Lessons |
| Publication Type | Conference Paper |
| Year of Publication | 2018 |
| Authors | Nguyen, Thuy D., Irvine, Cynthia E. |
| Conference Name | Proceedings of the Fifth Cybersecurity Symposium |
| Publisher | ACM |
| ISBN Number | 978-1-4503-6406-5 |
| Keywords | industrial control system, industrial control systems, network forensics, pubcrawl, resilience, Resiliency, Scalability, scalable, security education |
| Abstract | Most forensic investigators are trained to recognize abusive network behavior in conventional information systems, but they may not know how to detect anomalous traffic patterns in industrial control systems (ICS) that manage critical infrastructure services. We have developed and laboratory-tested hands-on teaching material to introduce students to forensics investigation of intrusions on an industrial network. Rather than using prototypes of ICS components, our approach utilizes commercial industrial products to provide students a more realistic simulation of an ICS network. The lessons cover four different types of attacks and the corresponding post-incident network data analysis. |
| URL | https://dl.acm.org/citation.cfm?doid=3212687.3212866 |
| DOI | 10.1145/3212687.3212866 |
| Citation Key | nguyen_development_2018 |