S&M2699 Research Paper of Special Issue
Published: October 7, 2021
Design of Industrial Control System Secure Communication Using Moving Target Defense with Legacy Infrastructure [PDF]
Jung-Shian Li, Chuan-Gang Liu, Chin-Jui Wu, Chi-Che Wu, Che-Wei Huang, Chu-Fen Li, and I-Hsien Liu
(Received June 30, 2021; Accepted September 21, 2021)
Keywords: industrial control system, moving target defense, secure communication, DHCP, DNS, sensing network
In this paper, we propose a framework that protects the communication for programming logic controllers (PLCs) and sensors in a supervisory control and data acquisition (SCADA) network with an improved moving target defense (MTD) scheme that thwarts attackers in the reconnaissance stage. Our framework changes the Internet Protocol (IP) addresses of each host based on specified time intervals, and the scheme does not need to transmit the IP address to the communication parties for notification. The scheme uses the Domain Name System (DNS) and Dynamic Host Configuration Protocol (DHCP) to improve existing MTD schemes, which may have synchronization problems or a single point of failure. Moreover, adding DNS and DHCP into the MTD scheme significantly lowers the cost of deployment compared with deploying MTD devices before each PLC, making it feasible for an enterprise to implement. Experimental results are presented to demonstrate that our framework can effectively protect a network and that its performance is acceptable.Corresponding author: I-Hsien Liu
This work is licensed under a Creative Commons Attribution 4.0 International License.
Cite this article
Jung-Shian Li, Chuan-Gang Liu, Chin-Jui Wu, Chi-Che Wu, Che-Wei Huang, Chu-Fen Li, and I-Hsien Liu, Design of Industrial Control System Secure Communication Using Moving Target Defense with Legacy Infrastructure, Sens. Mater., Vol. 33, No. 10, 2021, p. 3415-3424.