Bump-in-the-wire (bump) devices can be used to protect critical endpoints in Industrial Control System (ICS) networks. However, bump devices cannot be used to authenticate incoming broadcast traffic, are complex to manage, and must be deployed one per host. In this work, we propose a virtual bump-like solution called vBump, which allows virtual bumps to be inserted in front of Ethernet-based legacy ICS devices. The vBumps can be used to limit traffic to whitelisted destinations, inspect all traffic at or above the link layer like a centralized intrusion detection system (or monitoring system), or even police the traffic like a centralized intrusion prevention system. In particular, this also allows the network to apply fine-grained control to traffic between nodes that need to be in the same link-layer broadcast domain. Compared to traditional bumps, vBumps do not require any changes to the physical network topology, and the central server's global view allows for more informed decisions with fewer computational constraints. We implement the system in a high-fidelity ICS testbed and demonstrate its ability to support even time-critical protection control traffic in smart grids. Our system can handle traffic rates of 150 Mbps with a one-way delay of ≈ 1 ms.
Preferred Citation
Nils Tippenhauer, Binbin Chen, Daisuke Mashima and David Nicol. vBump: Securing Ethernet-based Industrial Control System Networks with VLAN-based Traffic Aggregation. In: Joint Workshop on CPS & IoT Security and Privacy (CPSIoTSec). 2021.
Primary Research Area
Threat Detection and Defenses
Name of Conference
Joint Workshop on CPS & IoT Security and Privacy (CPSIoTSec)
Legacy Posted Date
2022-04-23
Open Access Type
Green
BibTeX
@inproceedings{cispa_all_3612,
title = "vBump: Securing Ethernet-based Industrial Control System Networks with VLAN-based Traffic Aggregation",
author = "Tippenhauer, Nils Ole and Chen, Binbin and Mashima, Daisuke and Nicol, David M.",
booktitle = "{Joint Workshop on CPS \& IoT Security and Privacy (CPSIoTSec)}",
year = "2021",
}