keynote

Network Monitoring of Industrial Control Systems: The Lessons of SecurityMatters

Author:

Sandro EtalleAuthors Info & Claims

CPS-SPC'19: Proceedings of the ACM Workshop on Cyber-Physical Systems Security & Privacy

Page 1

https://doi.org/10.1145/3338499.3357354

Published: 11 November 2019 Publication History

Get Access

Abstract

Established in 2009 in the Netherlands as a University spin-off by a professor and two PhD students, SecurityMatters was acquired in 2018 by the American ForeScout Technologies Inc. (NASDAQ:FCST). Security Matters was the pioneer of a new way of realising network monitoring for cybersecurity that proved very successful in the Critical Infrastructure domain (Oil and Gas, Power Generation, Energy Distribution etc.). Besides being a success story, Security Matters has also represented an enormous learning experience, also from the technical viewpoint, allowing to benchmark different approaches against reality. In this lecture, one of the founders of SecurityMatters will give his unsweetened opinion regarding what works and what does not work, when it comes to network monitoring, and why.

Cited By

View all

Gnanasekaran VBartnes MGrotan THeegaard P(2024)Cyber-incident Response in Industrial Control Systems: Practices and Challenges in the Petroleum IndustryProceedings of the 2024 ACM/IEEE 4th International Workshop on Engineering and Cybersecurity of Critical Systems (EnCyCriS) and 2024 IEEE/ACM Second International Workshop on Software Vulnerability10.1145/3643662.3643958(53-60)Online publication date: 15-Apr-2024
https://dl.acm.org/doi/10.1145/3643662.3643958
Jeffrey NTan QVillar J(2023)A Review of Anomaly Detection Strategies to Detect Threats to Cyber-Physical SystemsElectronics10.3390/electronics1215328312:15(3283)Online publication date: 30-Jul-2023
https://doi.org/10.3390/electronics12153283
Jeffrey NTan QVillar J(2022)Anomaly Detection of Security Threats to Cyber-Physical Systems: A Study17th International Conference on Soft Computing Models in Industrial and Environmental Applications (SOCO 2022)10.1007/978-3-031-18050-7_1(3-12)Online publication date: 12-Oct-2022
https://doi.org/10.1007/978-3-031-18050-7_1

Index Terms

Network Monitoring of Industrial Control Systems: The Lessons of SecurityMatters
1. Security and privacy

Recommendations

Towards the protection of industrial control systems: conclusions of a vulnerability analysis of profinet IO
DIMVA'13: Proceedings of the 10th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment

The trend of introducing common information and communication technologies into automation control systems induces besides many benefits new security risks to industrial plants and critical infrastructures. The increasing use of Internet protocols in ...
Architecture of a network monitoring element
Euro-Par'06: Proceedings of the CoreGRID 2006, UNICORE Summit 2006, Petascale Computational Biology and Bioinformatics conference on Parallel processing

A Network Monitoring system is a vital component of a Grid; however, its scalability is a challenge. We propose a network monitoring approach that combines passive monitoring, a domain oriented overlay network, and an attitude for demand driven ...
Study of Network Monitoring Theory in Switched Ethernet and its Countermeasures
ICICIS '11: Proceedings of the 2011 International Conference on Internet Computing and Information Services

Network monitoring technique is an important and sensitive technique in the field of network safety. hackers usually make use of TCP/IP protocol's flows to spoof their target .With the combination of Network Monitoring, hacker can intercept and tamper ...

Comments

Information & Contributors

Information

Published In

CPS-SPC'19: Proceedings of the ACM Workshop on Cyber-Physical Systems Security & Privacy

November 2019

115 pages

ISBN:9781450368315

DOI:10.1145/3338499

General Chairs:
Lorenzo Cavallaro
King's College London, United Kingdom
,
Johannes Kinder
Bundeswehr University Munich, Germany
,
Program Chair:
Thorsten Holz
Ruhr-University Bochum, Germany

Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for third-party components of this work must be honored. For all other uses, contact the Owner/Author.

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 11 November 2019

Check for updates

Author Tags

Qualifiers

Keynote

Conference

CCS '19

Sponsor:

SIGSAC

CCS '19: 2019 ACM SIGSAC Conference on Computer and Communications Security

November 11, 2019

London, United Kingdom

Acceptance Rates

Overall Acceptance Rate 53 of 66 submissions, 80%

Upcoming Conference

CCS '25

Sponsor:
sigsac

ACM SIGSAC Conference on Computer and Communications Security

October 13 - 17, 2025

Taipei , Taiwan

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

2
Total Citations
View Citations
206
Total Downloads

Downloads (Last 12 months)5
Downloads (Last 6 weeks)0

Reflects downloads up to 07 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

View all

Gnanasekaran VBartnes MGrotan THeegaard P(2024)Cyber-incident Response in Industrial Control Systems: Practices and Challenges in the Petroleum IndustryProceedings of the 2024 ACM/IEEE 4th International Workshop on Engineering and Cybersecurity of Critical Systems (EnCyCriS) and 2024 IEEE/ACM Second International Workshop on Software Vulnerability10.1145/3643662.3643958(53-60)Online publication date: 15-Apr-2024
https://dl.acm.org/doi/10.1145/3643662.3643958
Jeffrey NTan QVillar J(2023)A Review of Anomaly Detection Strategies to Detect Threats to Cyber-Physical SystemsElectronics10.3390/electronics1215328312:15(3283)Online publication date: 30-Jul-2023
https://doi.org/10.3390/electronics12153283
Jeffrey NTan QVillar J(2022)Anomaly Detection of Security Threats to Cyber-Physical Systems: A Study17th International Conference on Soft Computing Models in Industrial and Environmental Applications (SOCO 2022)10.1007/978-3-031-18050-7_1(3-12)Online publication date: 12-Oct-2022
https://doi.org/10.1007/978-3-031-18050-7_1

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Abstract

Cited By

Index Terms

Recommendations

Towards the protection of industrial control systems: conclusions of a vulnerability analysis of profinet IO

Architecture of a network monitoring element

Study of Network Monitoring Theory in Switched Ethernet and its Countermeasures

Comments

Information

Published In

Sponsors

Publisher

Publication History

Check for updates

Author Tags

Qualifiers

Conference

Acceptance Rates

Upcoming Conference

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

Login options

Full Access

View options

PDF

eReader

Share

Share this Publication link

Share on social media

Affiliations