A Trust Management Method Against Abnormal Behavior of Industrial Control Networks Under Active Defense Architecture
Trusted computing is a typical active defense technology. Trust management is a core support technology of trusted computing. However, when trust management is applied in the industrial control systems, how to identify malicious behavior effectively, model trust relationships, and make a decision ba...
Saved in:
Published in: | IEEE eTransactions on network and service management Vol. 19; no. 3; pp. 2549 - 2572 |
---|---|
Main Authors: | , , |
Format: | Journal Article |
Language: | English |
Published: |
New York
IEEE
01-09-2022
The Institute of Electrical and Electronics Engineers, Inc. (IEEE) |
Subjects: | |
Online Access: | Get full text |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Summary: | Trusted computing is a typical active defense technology. Trust management is a core support technology of trusted computing. However, when trust management is applied in the industrial control systems, how to identify malicious behavior effectively, model trust relationships, and make a decision based on behavior trustworthiness, meanwhile how to ensure deployed trust mechanism does not affect the control network's availability, is a significant issue that has not been solved in the previous literature. This paper proposes a trust management method against abnormal behavior of industrial control networks under active defense architecture. Firstly, we review the difficulties of trust management when applied to industrial control networks and analyze abnormal behaviors of the control operations under unknown threats. Then we extract trust information, model the trust relationship of abnormal behaviors, and establish a trust update and decision-making mechanism under the availability constraints of industrial control networks. Furthermore, we provide a deployment method of the proposed trust management in a distributed control network. Finally, we take five typical abnormal operations on control instruction in an industrial control network as an example and perform a detailed analysis and experimental verification of the proposed method. The results prove that the proposed trust management method has good immunity to abnormal behaviors of the control flow and can be deployed in an industrial control system with availability constraints. |
---|---|
ISSN: | 1932-4537 1932-4537 |
DOI: | 10.1109/TNSM.2022.3173398 |