Softwarová knihovna detekčních algoritmů ICS

ICS detection algorithms software library

software

In order to use the result by another entity, it is always necessary to acquire a license

The licensor requires a license fee for the result

Burgetová Ivana, Ing., Ph.D. (DIFS)
Havlena Vojtěch, Ing., Ph.D. (DITS)
Kolář Dušan, doc. Dr. Ing. (DIFS)
Matoušek Petr, doc. Ing., Ph.D., M.A. (DIFS)
Ryšavý Ondřej, doc. Ing., Ph.D. (DIFS)

network traffic monitoring, industrial networks, Netflow-based monitoring, IPFIX-based application protocol monitoring, protocol parser, protocol decoder

Software library of algorithms, including their demonstration on the attached data for the detection of anomalies in ICS network traffic. The library processes input data in PCAP format and implements various methods for creating a profile of normal communication and detection of possible deviations. The library consists of methods based on various principles of communication modeling, especially automata, statistical methods, and machine learning.

Zdrojové kódy jsou dostupné v privátním GitHub repozitáři: https://github.com/nesfit/bonnet-ics-library

This software was created in project VI20192022138 with the financial support of MV.

Security monitoring of ICS communication in the smart grid, MV, Program bezpečnostního výzkumu ČR v letech 2015-2022 (BV III/1-VS), VI20192022138, 2019-2022, running

NES@FIT - Networks and distributed systems research group (RG NES@FIT)

Department of Information Systems (DIFS)