Whitelist representation for FTP service in SCADA system by using structured ACL model

摘要

Due to recent integration of SCADA systems with business systems, SCADA systems became open(unprotected), leading to not only security vulnerabilities increase but also sophisticated and intelligent cyber-attacks specifically targeting SCADA systems. A whitelist based security control technique that has attracted a lot of attention, is an emerging systems control, currently can be applied to solve security problems of the SCADA system. Most of the current security techniques for systems control based on whitelist, use static ACL model. But the static ACL model has limitations in use of ANY-ANY rule which is the only way to express communications using dynamic server port and express ranges of communication features in a control device. In this paper, we propose an structured ACL model to represent an FTP service to overcome the problem of dynamice server port in passive FTP. We demonstrate the feasibility of the proposed model in this paper by applying the FTP features extraction algorithm to FTP traffic.