Development of industrial network forensics lessons
Nguyen, Thuy D.
Irvine, Cynthia E.
MetadataShow full item record
Most forensic investigators are trained to recognize abusive network behavior in conventional information systems, but they may not know how to detect anomalous traffic patterns in industrial control systems (ICS) that manage critical infrastructure services. We have developed and laboratory-tested hands-on teaching material to introduce students to forensics investigation of intrusions on an industrial network. Rather than using prototypes of ICS components, our approach utilizes commercial industrial products to provide students a more realistic simulation of an ICS network. The lessons cover four different types of attacks and the corresponding post-incident network data analysis.
Showing items related by title, author, creator and subject.
Nguyen, Thuy D. (2016-12); NPS-CS-16-004Network security monitoring is an important element in incident response and forensics investigation. Most forensic investigators are trained to recognize abusive network behavior in conventional information systems, but ...
Gormley, James J., III (Monterey, California: Naval Postgraduate School, 2017-12);Daily operations of U.S. Navy afloat and ashore systems are heavily reliant on industrial control systems (ICSs) to manage critical infrastructure services. Programmable logic controllers (PLCs) are vital components in ...
Wyatt, Brandon (Monterey, California: Naval Postgraduate School, 2017-09);The Wireless Networks for Industrial Automation-Process Automation (WIA-PA) standard is not well known in North America and is a relatively new industrial control system standard when compared to WirelessHart and ISA100.11A. ...