CYBERSEC 2021 uses cookies to provide you with the best user experience possible. By continuing to use this site, you agree to the terms in our Privacy Policy. I Agree

May 4-6 at Taipei Nangang Exhibition Center, Hall 2

Taiwan's Cybersecurity Researchers
OT Security Forum
  • May 6th (Thu)
  • 10:45 - 11:15
  • 7F 701C

Method for detecting abnormal behavior of unknown protocol in industrial control environment

In the factory network environment, analyzing the packets heard is like language analysis. The communication between the machines in the factory is like the communication between the Boss and the Servant. The communication language may be Chinese, English, Japanese, but it may also be an unknown dialect (Unknown Protocol). Therefore, after hearing the packets of the industrial control network environment, how to find and "see" unknown protocols, and automatically analyze the unknown industrial control protocols to increase the accuracy of IDS and reduce misjudgment is an important issue.

Intermediate
Industrial Security Network SecurityNetwork Visibility
Tsou Yu-Ting

Tsou Yu-Ting

Technical manager, Institute for Information Industry, Cybersecurity Technology Institute

1. Graduated from Chung Yuan Christian University Electrical Engineering Institute

2. Served in the Institute for Information Industry for 10 years

3. Served in the Cybersecurity Technology Institute for 3 years

4. Analyze network packets for more than 10 factories, and inspect the factory's network security and health examination

Sol

Sol

Deputy Engineer, Institute for Information Industry

Learning ICS last year. Interested in Windows and network security