Low delay network attributes randomization to proactively mitigate reconnaissance attacks in industrial control systems

Abstract Industrial Control Systems are used in a wide variety of industrial facilities, including critical infrastructures, becoming the main target multiple security attacks. A malicious and successful attack against these infrastructures could cause serious economic environmental consequences, loss human lives. Static networks configurations topologies, which characterize Systems, represent an advantage for attackers, allowing them to scan vulnerable devices or services before carrying out attack. Identifying active is often first step many This paper presents proactive network reconnaissance defense mechanism based on temporal randomization IP addresses, MAC addresses port numbers. The obtained information distortion minimizes knowledge acquired by hindering any that relies addressing. attributes performed adaptive way, minimizing overhead introduced avoiding error latency communications. implementation as well tests have been carried laboratory with real equipment, demonstrating effectiveness presented solution.