Overview
Explore a 26-minute Black Hat conference talk on Graph Convolutional Network-based suspicious communication pair estimation for industrial control systems. Delve into the effectiveness of whitelisting as a security monitoring method for industrial control system networks, focusing on communication triplets. Learn about the DCN and GCN scopes, abnormality scoring, key ideas, and the RGCN process. Examine the evaluation phase, experimental results, discrimination performance, and computational costs associated with this approach to network security monitoring.
Syllabus
Introduction
Background
DCN Scope
Abnormality Score
Key Ideas
GCN Scope Overview
GCN Scope Process
RGCN
Scoring Phase
Evaluation
Experimental Results
Discrimination Performance
Performance
Computational Cost
Taught by
Black Hat