onr:"swepub:oai:DiVA.org:liu-154394"
Search: onr:"swepub:oai:DiVA.org:liu-154394" > Timing-Based Anomal...
- 1 of 1
- Previous record
- Next record
- To hitlist
Timing-Based Anomaly Detection in SCADA Networks
-
- Lin, Chih-Yuan, 1987- (author)
- Linköpings universitet,Programvara och system,Tekniska fakulteten,RTSLAB - Real-Time Systems Laboratory
-
- Nadjm-Tehrani, Simin, 1958- (author)
- Linköpings universitet,Programvara och system,Tekniska fakulteten,RTSLAB - Real-Time Systems Laboratory
-
- Asplund, Mikael, 1981- (author)
- Linköpings universitet,Programvara och system,Tekniska fakulteten,RTSLAB - Real-Time Systems Laboratory
- (creator_code:org_t)
- 2018-09-09
- 2018
- English.
- In: Critical Information Infrastructures Security. - Cham : Springer. - 9783319998428 - 9783319998435 ; , s. 48-59
- Conference paper (peer-reviewed)
Abstract
Subject headings
Close
- Supervisory Control and Data Acquisition (SCADA) systems that operate our critical infrastructures are subject to increased cyber attacks. Due to the use of request-response communication in polling, SCADA traffic exhibits stable and predictable communication patterns. This paper provides a timing-based anomaly detection system that uses the statistical attributes of the communication patterns. This system is validated with three datasets, one generated from real devices and two from emulated networks, and is shown to have a False Positive Rate (FPR) under 1.4%. The tests are performed in the context of three different attack scenarios, which involve valid messages so they cannot be detected by whitelisting mechanisms. The detection accuracy and timing performance are adequate for all the attack scenarios in request-response communications. With other interaction patterns (i.e. spontaneous communications), we found instead that 2 out of 3 attacks are detected.
Subject headings
- TEKNIK OCH TEKNOLOGIER -- Elektroteknik och elektronik -- Datorsystem (hsv//swe)
- ENGINEERING AND TECHNOLOGY -- Electrical Engineering, Electronic Engineering, Information Engineering -- Computer Systems (hsv//eng)
Keyword
- SCADA
- Industrial Control System (ICS)
- Anomaly detection
- Traffic periodicity
Publication and Content Type
- ref (subject category)
- kon (subject category)
Find in a library
- Critical Information Infrastructures Security (Search for host publication in LIBRIS)
To the university's database
- 1 of 1
- Previous record
- Next record
- To hitlist
Find more in SwePub
- By the author/editor
- Lin, Chih-Yuan, ...
- Nadjm-Tehrani, S ...
- Asplund, Mikael, ...
- About the subject
-
- ENGINEERING AND TECHNOLOGY
- ENGINEERING AND ...
- and Electrical Engin ...
- and Computer Systems
- Articles in the publication
- Critical Informa ...
- By the university
- Linköping University
Search outside SwePub
- Extend your search to:
- Google Book Search
- Google Scholar
Kungliga biblioteket hanterar dina personuppgifter i enlighet med EU:s dataskyddsförordning (2018), GDPR. Läs mer om hur det funkar här.
Så här hanterar KB dina uppgifter vid användning av denna tjänst.
- Copyright © LIBRIS - National Library Systems
- LIBRIS.kb.se
