Fraunhofer-Gesellschaft

Publica

Here you will find scientific publications from the Fraunhofer Institutes.

Packet-wise compression and forwarding of industrial network captures

 
Authors: Hansch, Gerhard; Schneider, Peter; Plaga, Sven

In:

Institute of Electrical and Electronics Engineers -IEEE-:
IEEE 9th International Conference on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications, IDAACS 2017. Proceedings. Vol.1 : The crossing point of intelligent data acquisition & advanced computing systems and east & west scientists, September 21-23, 2017, Bucharest, Romania
Piscataway, NJ: IEEE, 2017
ISBN: 978-1-5386-0697-1
ISBN: 978-1-5386-0694-0
ISBN: 978-1-5386-0698-8
pp. 66-70
International Conference on Intelligent Data Acquisition and Advanced Computing Systems - Technology and Applications (IDAACS) <9, 2017, Bucharest>
Bundesministerium für Bildung und Forschung BMBF
16KIS0329; IUNO
English
Conference paper
Fraunhofer AISEC
industrial communication; data acquisition; data compression; communication system traffic control; network security

Abstract
Network traffic captures are necessary for a variety of security applications like identification of malicious patterns or training of intrusion detection systems. While monitoring of enterprise networks is common practice, it is rarely done for industrial production environments due to low bandwidth, confidential production data and sensitive legacy components. To address these challenges, we present methods for non-interfering recording, compression, and transmission of industrial network packet captures. Since a large portion of industrial network traffic consists of status reports that change only slightly, we replace recurring byte strings per connection to reduce the data sent, which also provides a form of concealment. We evaluate our approach by a prototypical implementation on self-generated and publicly available industrial network captures and compare our substitution algorithm to the standard zlib algorithm as well as a combination of both methods.

URL: http://publica.fraunhofer.de/dokumente/N-502508.html