Software library of ICS detection algorithms
Havlena Vojtěch, Ing., Ph.D. (DITS FIT BUT)
Kolář Dušan, doc. Dr. Ing. (DIFS FIT BUT)
Matoušek Petr, doc. Ing., Ph.D., M.A. (DIFS FIT BUT)
Ryšavý Ondřej, doc. Ing., Ph.D. (DIFS FIT BUT)
network traffic monitoring, industrial networks, NetFlow-based monitoring, IPFIX-based application protocol monitoring, protocol parser, protocol decoder
A software library of algorithms for detecting anomalies in ICS network traffic, including a demonstration of the algorithms on the attached data. The library processes input data in PCAP format and implements various methods for creating a profile of normal communication and detecting possible deviations from it. The methods are based on various principles of communication modeling, especially automata, statistical methods, and machine learning.
The source code is available in a private GitHub repository: https://github.com/nesfit/bonnet-ics-library
This software was created in project VI20192022138 with the financial support of MV.