Analyzing Changes in the Self-similarity of Industrial Control System Network Traffic Caused by Bursty Sources
| dc.contributor.author | Martin, Bryan | |
| dc.contributor.author | Mccurdy, William | |
| dc.contributor.author | Bollmann, Chad | |
| dc.date.accessioned | 2024-12-26T21:10:52Z | |
| dc.date.available | 2024-12-26T21:10:52Z | |
| dc.date.issued | 2025-01-07 | |
| dc.description.abstract | It is well documented that bursty sources on a network, such as those derived from human-type communications (HTC), result in the traffic exhibiting self-similar behavior. However, limited research has been conducted into the self-similarity of networks consisting of machine-type communications (MTC), such as the Internet of Things (IoT) or industrial control system (ICS) devices. Furthermore, it has not been shown how MTC traffic patterns change when aggregated with bursty, human traffic. This research uses publicly available ICS datasets to investigate the effects of adding bursty traffic to MTC networks as characterized by the self-similarity of the traffic. As MTC networks exhibit a lower degree of self-similarity when compared to networks containing HTC, we demonstrate that even a small percentage of bursty traffic introduced to the MTC network will cause an increase in self-similarity. We present these findings as a foundation for utilizing changes in self-similarity, as measured by the Hurst parameter, for anomaly detection of human activity in traditionally non-bursty networks. | |
| dc.format.extent | 10 | |
| dc.identifier.doi | 10.24251/HICSS.2025.835 | |
| dc.identifier.isbn | 978-0-9981331-8-8 | |
| dc.identifier.other | 79c7e5f6-7730-4f60-a0d4-14a26a76fca3 | |
| dc.identifier.uri | https://hdl.handle.net/10125/109686 | |
| dc.relation.ispartof | Proceedings of the 58th Hawaii International Conference on System Sciences | |
| dc.rights | Attribution-NonCommercial-NoDerivatives 4.0 International | |
| dc.rights.uri | https://creativecommons.org/licenses/by-nc-nd/4.0/ | |
| dc.subject | Applied Security Through Cyber Innovation and Implementation | |
| dc.subject | industrial control system, machine-type communications, network anomaly detection, self-similarity | |
| dc.title | Analyzing Changes in the Self-similarity of Industrial Control System Network Traffic Caused by Bursty Sources | |
| dc.type | Conference Paper | |
| dc.type.dcmi | Text | |
| prism.startingpage | 6986 |
Files
Original bundle
1 - 1 of 1