SCADA Intrusion Detection System based on temporal behavior of frequent patterns
Authors: Naoum Sayegh, I. Elhajj, A. Kayssi, A. Chehab
Venue: MELECON 2014 - 2014 17th IEEE Mediterranean Electrotechnical Conference
Publication date: 2014-04-13
DOI: https://doi.org/10.1109/MELCON.2014.6820573
Citation count: 44 (Semanticscholar)
The vital role that Supervisory Control And Data Acquisition (SCADA) systems play in controlling modern infrastructure, along with the rapid evolution of these systems, has turned them into one of the most desired targets for malicious attackers. Moreover, SCADA-specific attacks are becoming more sophisticated, and yet security measures are deployed at a very slow pace. In this work, we present a SCADA-specific Intrusion Detection System (IDS) that detects SCADA attacks based on their network traffic behavior, namely the temporal behavior of frequent patterns of the SCADA protocols. The IDS raises alarms when abnormal behavior is identified. The results showed that the IDS is able to detect attacks at a high rate while keeping false alarms at a minimum rate.