A Trust Management Method Against Abnormal Behavior of Industrial Control Networks Under Active Defense Architecture

Trusted computing is a typical active defense technology. Trust management is a core support technology of trusted computing. However, when trust management is applied in the industrial control systems, how to identify malicious behavior effectively, model trust relationships, and make a decision ba...

Full description

Saved in:
Bibliographic Details
Published in:IEEE eTransactions on network and service management Vol. 19; no. 3; pp. 2549 - 2572
Main Authors: Wang, Jingpei, Zhang, Zhenyong, Wang, Mufeng
Format: Journal Article
Language:English
Published: New York IEEE 01-09-2022
The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
Subjects:
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Trusted computing is a typical active defense technology. Trust management is a core support technology of trusted computing. However, when trust management is applied in the industrial control systems, how to identify malicious behavior effectively, model trust relationships, and make a decision based on behavior trustworthiness, meanwhile how to ensure deployed trust mechanism does not affect the control network's availability, is a significant issue that has not been solved in the previous literature. This paper proposes a trust management method against abnormal behavior of industrial control networks under active defense architecture. Firstly, we review the difficulties of trust management when applied to industrial control networks and analyze abnormal behaviors of the control operations under unknown threats. Then we extract trust information, model the trust relationship of abnormal behaviors, and establish a trust update and decision-making mechanism under the availability constraints of industrial control networks. Furthermore, we provide a deployment method of the proposed trust management in a distributed control network. Finally, we take five typical abnormal operations on control instruction in an industrial control network as an example and perform a detailed analysis and experimental verification of the proposed method. The results prove that the proposed trust management method has good immunity to abnormal behaviors of the control flow and can be deployed in an industrial control system with availability constraints.
ISSN:1932-4537
1932-4537
DOI:10.1109/TNSM.2022.3173398