Intrusion detection and event monitoring in SCADA networks

Cited by: 0
Authors
Oman, Paul [1]
Phillips, Matthew [1]
Affiliation
[1] Univ Idaho, Moscow, ID 83843 USA
Source
CRITICAL INFRASTRUCTURE PROTECTION | 2008 / Vol. 253
Funding
National Science Foundation (USA);
Keywords
intrusion detection; real-time monitoring; SCADA networks;
DOI
Not available
Chinese Library Classification number
TP39 [Computer applications];
Discipline classification code
081203 ; 0835 ;
Abstract
This paper describes the implementation of a customized intrusion detection and event monitoring system for a SCADA/sensor testbed. The system raises alerts upon detecting potential unauthorized access and changes in device settings. By markedly increasing the logging of critical network events, the system shows dramatic improvements in both the security and overall auditing capabilities. In addition to its role in securing SCADA networks, the system assists operators in identifying common configuration errors.
Pages: 161 / +
Page count: 3