Sökning: WFRF:(Asplund Mikael 1981 ) >
Timing-Based Anomal...
-
Lin, Chih-Yuan,1987-Linköpings universitet,Programvara och system,Tekniska fakulteten,RTSLAB - Real-Time Systems Laboratory
(författare)
Timing-Based Anomaly Detection in SCADA Networks
- Artikel/kapitelEngelska2018
Förlag, utgivningsår, omfång ...
-
2018-09-09
-
Cham :Springer,2018
-
electronicrdacarrier
Nummerbeteckningar
-
LIBRIS-ID:oai:DiVA.org:liu-154394
-
https://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-154394URI
-
https://doi.org/10.1007/978-3-319-99843-5_5DOI
Kompletterande språkuppgifter
-
Språk:engelska
-
Sammanfattning på:engelska
Ingår i deldatabas
Klassifikation
-
Ämneskategori:ref swepub-contenttype
-
Ämneskategori:kon swepub-publicationtype
Anmärkningar
-
Supervisory Control and Data Acquisition (SCADA) systems that operate our critical infrastructures are subject to increased cyber attacks. Due to the use of request-response communication in polling, SCADA traffic exhibits stable and predictable communication patterns. This paper provides a timing-based anomaly detection system that uses the statistical attributes of the communication patterns. This system is validated with three datasets, one generated from real devices and two from emulated networks, and is shown to have a False Positive Rate (FPR) under 1.4%. The tests are performed in the context of three different attack scenarios, which involve valid messages so they cannot be detected by whitelisting mechanisms. The detection accuracy and timing performance are adequate for all the attack scenarios in request-response communications. With other interaction patterns (i.e. spontaneous communications), we found instead that 2 out of 3 attacks are detected.
Ämnesord och genrebeteckningar
Biuppslag (personer, institutioner, konferenser, titlar ...)
-
Nadjm-Tehrani, Simin,1958-Linköpings universitet,Programvara och system,Tekniska fakulteten,RTSLAB - Real-Time Systems Laboratory(Swepub:liu)simna73
(författare)
-
Asplund, Mikael,1981-Linköpings universitet,Programvara och system,Tekniska fakulteten,RTSLAB - Real-Time Systems Laboratory(Swepub:liu)mikas34
(författare)
-
Linköpings universitetProgramvara och system
(creator_code:org_t)
Sammanhörande titlar
-
Ingår i:Critical Information Infrastructures SecurityCham : Springer, s. 48-5997833199984289783319998435
Internetlänk
Hitta via bibliotek
Till lärosätets databas