Skip to main content

Advertisement

SpringerLink
Log in

Visualization for internet of things: power system and financial network cases

  • Published:
Multimedia Tools and Applications Aims and scope Submit manuscript

Abstract

National critical infrastructure networks, such as banks and industrial control systems (ICSs), can be serious damaged in the event of a security incident. Therefore, in all these major infrastructures, closed networks are constructed to cut off the attack path. However, owing to the emergence of cloud, Internet of Things (IoT), and artificial intelligence (AI) services, network interconnection is rapidly increasing; thus, many major infrastructure networks can no longer be called closed networks. The ICS, which was previously a strictly closed network, is now usually called Industrial Internet of Things (IIoT) and exhibits many changes, such as smart factories and remote control. Many payment modules use the financial network through IoT or AI-assisted services. In this massive connected environment, the existing closed network defense system may cause difficulties in providing the service. Therefore, there is a need for technology that can continuously monitor the possibility of advanced attacks. In this paper, we define the normal-behavior-based rules from the perspective of network forensics and conduct visualization studies to detect all possible attacks against the control protocol DNP3 (Distributed Network Protocol) and the financial protocol called FIX (Finance Information Exchange). Thus, we detected suspicious network packets on the ICS network and the financial network and identified abnormal behavior that could be the basis of serious attacks.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11
Fig. 12
Fig. 13
Fig. 14
Fig. 15
Fig. 16
Fig. 17

Similar content being viewed by others

References

  1. (2001) Financial information exchange protocol (FIX) Version 4.3

  2. (2017) d3 library https://d3js.org/

  3. (2017) Fix protocol users. http://www.fixtradingcommunity.org/pg/main/who-uses-fix/fix-version

  4. (2017) Fix protocol south korea community. http://koreafix.egloos.com

  5. Abdullah K et al (2005) IDS rainstorm: visualizing IDS alarms 1

  6. Abeyrathne KB et al (2009) Visualization tool for network forensics analysis using an intrusion detection system. CYBERVIZ 3

  7. Ahmed I et al (2012) SCADA systems: challenges for forensic investigators. Computer 45:44–51

    Article  Google Scholar 

  8. Angelini M, Prigent N, Santucci G (2015) Percival: proactive and reactive attack and response assessment for cyberincidents using visual analytics. Visualization for Cyber Security (VIZSEC), 2015 IEEE Symposium on IEEE

  9. Arendt D et al (2016) CYBERPETRI at CDX 2016: real-time network situation awareness. Visualization for Cyber Security (VIZSEC), 2016 IEEE Symposium on IEEE

  10. Blue R et al (2008) Visualizing real-time network resource usage. Visualization for computer security. Springer Berlin Heidelberg 5210: 119–135

  11. Clarke G, Reynders D, Wright E (2004) Practical Modern SCADA Protocols; DNP3, 60870.5 and Related Systems. Elsevier 79

  12. Digital bond (2016) Download the PCAP files to test the quickdraw signatures, http://www.digitalbond.com/tools/quickdraw/download/

  13. FIREEYE (2016) industrial control systems health check, https://www.fireeye.com/services/mandiant-industrial-control-system-gap-assessment.html

  14. ICS security summit (2016) What’s the dfirence for ICS?. https://www.sans.org/event-downloads/42402/agenda.pdf, P.4

  15. ICS-CERT (2016) ICS-CERT Monitor November–December 2015

  16. ICS-CERT (2018) MAR-17-352-01 HatMan - Safety System Targeted Malware (Update A)

  17. IEEE power and energy society (2012) IEEE standard for electric power systems communications.distributed network protocol (DNP3)

  18. NETRESEC (2016) Networkminer, http://www.netresec.com/?page=networkminer

  19. Park J-B, Kim H-K, Kim E-J (2014) Design and implementation of the honeycomb structure visualization system for the effective security situational awareness of large-scale networks. J Korea Inst Inform Sec Cryptol 24(6):1197–1213

    Article  Google Scholar 

  20. Promrit N et al (2011) Multi-dimensional visualization for network forensic analysis. Networked Computing (INC), 2011 The 7th international conference

  21. Shahzad A et al (2015) New security development and trends to secure the SCADA sensors automated transmission during critical sessions. Symmetry 7(4):1945–1980

    Article  MathSciNet  Google Scholar 

  22. Shiravi H, Shiravi A, Ghorbani AA (2012) A survey of visualization systems for network security. IEEE Trans Vis Comput Graph 18.8:1313–1329

    Article  Google Scholar 

  23. Siadati H, Saket B, Memon N (2016) Detecting Malicious Logins in enterprise networks using visualization. Visualization for Cyber Security (VIZSEC), 2016 IEEE Symposium on IEEE

  24. US-CERT (2018) VPNFilter Destructive Malware

  25. Riel J-P Van, Irwin B (2006) INETVIS, a visual tool for network telescope traffic analysis. 4th Int Conf Comput Graph, Virtual Real, Visual Interact Africa ACM 85–89

Download references

Acknowledgements

- This research was supported by the Ministry of Science and ICT (MSIT), Korea, under the Information Technology Research Center support program IITP-2018-2016-0-00304 supervised by the Institute for Information & Communications Technology Promotion (IITP).

- This work was supported by an IITP grant funded by the Korean government (MSIT) (No. 2018-0-00336, Advanced Manufacturing Process Anomaly Detection to prevent the Smart Factory Operation Failure by Cyber Attacks).

- This work was supported by the Ajou University research fund.

Author information

Authors and Affiliations

  1. Ajou University, Yeongtong-gu, Suwon, Gyunggi-do, 443-749, South Korea

    Myungjong Kim, Wooyeon Jo, Jaehoon Kim & Taeshik Shon

Authors
  1. Myungjong Kim
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Wooyeon Jo
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Jaehoon Kim
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Taeshik Shon
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Taeshik Shon.

Additional information

Publisher’s Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Kim, M., Jo, W., Kim, J. et al. Visualization for internet of things: power system and financial network cases. Multimed Tools Appl 78, 3241–3265 (2019). https://doi.org/10.1007/s11042-018-6730-x

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11042-018-6730-x

Keywords

Search

Navigation