To address these concerns, this research proposes two device type fingerprinting methods designed to augment existing intrusion detection methods in the ICS environment.
The first method measures data response processing times and takes advantage of the static and low-latency nature of dedicated ICS networks to develop accurate fingerprints, while the second method uses the physical operation times to develop a unique signature for each device type.
Because they are distributed around the country, often in remote areas, the systems are also difficult to update using the “patching” techniques common in computer networks.
Fingerprinting to detect false data or commands Which is why Beyah and his team have developed “fingerprinting techniques” to protect various operations of the power grid to prevent or minimize spoofing of packets that could be injected to produce false data or false control commands into the system.
Georgia Tech researchers have developed a device fingerprinting technique that could improve the security of the electrical grid and other industrial systems. electrical grid and other industrial systems, carried out over supervisory control and data acquisition (SCADA) protocols, often lack the ability to run modern encryption and authentication systems.