作者:Meng Jie, Deng Ruilong, Chen Jiming;等
来源:ANNUAL COMPUTER SECURITY APPLICATIONS CONFERENCE(ACM ACSAC)最佳会议论文
会议地点:Austin, TX, USA 会议时间: DEC 2023
We propose a novel framework named SePanner to extract the semantics of controller variables from proprietary industrial control protocols based on network traffic. SePanner conducts the multi-state comparison to locate the semantic fields directly and removes the interfering fields by the single-state comparison and filtering criteria. Our experiments demonstrate that SePanner can precisely extract the semantics of controller variables and provide protection for PLCs while remaining compatible with various proprietary binary protocols.
