본문 바로가기
  • Home

A Study of Passive Scanning-based Device Identification in Operational Technology Environments

  • Journal of Software Assessment and Valuation
  • Abbr : JSAV
  • 2023, 19(3), pp.105-118
  • DOI : 10.29056/jsav.2023.09.12
  • Publisher : Korea Software Assessment and Valuation Society
  • Research Area : Engineering > Computer Science
  • Received : September 1, 2023
  • Accepted : September 20, 2023
  • Published : September 30, 2023

Minsu Park 1 Seokhyun Ahn 1 Seyeon Park 1 SEONG JE CHO 1 Hong Kun Kim 2

1단국대학교
2한국인터넷진흥원

Accredited

ABSTRACT

To mitigate security risks, organizational assets must be identified and security vulnerabilities eliminated. active scanning and passive scanning techniques have been applied in existing IT environments to identify assets.. In this paper, we first examine the problems of applying the existing network scanning methods to OT systems. Then, to select network traffic features required when identifying OT devices by applying a passive scanning, we analyze network traffic features (TTL, TCP Window Size, IAT, etc.) used in prior studies on identifying IoT devices which have similar properties to OT devices. In addition, we recognize the types of network traffic features, and present research issues to be addressed for effective identification of OT devices.

Citation status

* References for papers published after 2023 are currently being built.