CISPA
Browse
cispa_all_3612.pdf (738.74 kB)

vBump: Securing Ethernet-based Industrial Control System Networks with VLAN-based Traffic Aggregation

Download (738.74 kB)
conference contribution
posted on 2023-11-29, 18:18 authored by Nils Ole TippenhauerNils Ole Tippenhauer, Binbin Chen, Daisuke Mashima, David M. Nicol
Bump-in-the-wire (bump) devices can be used to protect critical endpoints in Industrial Control System (ICS) networks. However, bump devices cannot be used to authenticate incoming broadcast traffic, are complex to manage, and one bump is needed per host. In this work, we propose a virtual bump-like solution called vBump, which allows to insert virtual bumps in front of Ethernet- based legacy ICS devices. The vBumps can be used to limit traffic to whitelisted destinations, inspect all traffic on or above Link- layer like a centralized intrusion detection systems (or monitoring systems), or even police the traffic like a centralized intrusion pre- vention systems. In particular, this also allows the network to apply fine-grained control on traffic between nodes that need to be in the same Link-layer broadcast domain. Compared to traditional bumps, vBumps do not require any changes in physical network topology, and the central server’s global view allows for more informed deci- sion, with less computational constraints. We implement the system in a high-fidelity ICS testbed, and demonstrate its capabilities to support even time-critical protection control traffic in smart grids. Our system can handle traffic rates of 150Mbps with one-way delay of ≈ 1ms.

History

Preferred Citation

Nils Tippenhauer, Binbin Chen, Daisuke Mashima and David Nicol. vBump: Securing Ethernet-based Industrial Control System Networks with VLAN-based Traffic Aggregation. In: Joint Workshop on CPS & IoT Security and Privacy (CPSIoTSec). 2021.

Primary Research Area

  • Threat Detection and Defenses

Name of Conference

Joint Workshop on CPS & IoT Security and Privacy (CPSIoTSec)

Legacy Posted Date

2022-04-23

Open Access Type

  • Green

BibTeX

@inproceedings{cispa_all_3612, title = "vBump: Securing Ethernet-based Industrial Control System Networks with VLAN-based Traffic Aggregation", author = "Tippenhauer, Nils Ole and Chen, Binbin and Mashima, Daisuke and Nicol, David M.", booktitle="{Joint Workshop on CPS & IoT Security and Privacy (CPSIoTSec)}", year="2021", }

Usage metrics

    Categories

    No categories selected

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC