Anomaly Detection Sensors for a Modbus-based Oil and Gas Well-monitoring System

Cited by: 7
Authors
He, Xinchi [1]
Robards, Ethan [1]
Gamble, Rose [1]
Papa, Mauricio [1]
Affiliations
[1] Univ Tulsa, Tandy Sch Comp Sci, Tulsa, OK 74104 USA
Source
2019 2ND INTERNATIONAL CONFERENCE ON DATA INTELLIGENCE AND SECURITY (ICDIS 2019) | 2019
Keywords
anomaly detection; SCADA security; Modbus; system monitoring;
DOI
10.1109/ICDIS.2019.00008
Chinese Library Classification number
TP [Automation technology, computer technology];
Discipline classification code
0812;
Abstract
Timely detection of network traffic anomalies in oil and gas wells is critical to support operations. This paper describes a network sensor that has been specifically designed to operate within an existing well-monitoring infrastructure. Network traffic and flow features are extracted in real-time and compared against pre-set and moving averages to detect and report anomalies. A prototype has been tested using the Modbus protocol and network traffic covering several months of operations. In order to avoid potential impact on the production environment, scripts captured network packets that were then replayed on the IMUNES network emulator. Preliminary results have identified useful metrics for anomaly detection in a production environment.
Pages: 1 / 8
Page count: 8