SCADA Intrusion Detection System Based on Temporal Behavior of Frequent Patterns

Cited by: 0
Authors
Sayegh, Naoum [1]
Elhajj, Imad H. [1]
Kayssi, Ayman [1]
Chehab, Ali [1]
Affiliations
[1] Amer Univ Beirut, Dept Elect & Comp Engn, Beirut, Lebanon
Source
2014 17TH IEEE MEDITERRANEAN ELECTROTECHNICAL CONFERENCE (MELECON) | 2014
Keywords
Intrusion detection systems; Temporal Frequent Patterns; SCADA systems
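DOI
Not available
Chinese Library Classification number
TM [Electrical engineering]; TN [Electronic technology, communication technology]
Discipline classification code
0808; 0809
Abstract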
The vital role Supervisory Control And Data Acquisition (SCADA) systems play in controlling the modern infrastructure, along with the rapid evolution of these systems, has turned them into one of the most desired targets for malicious attackers. Moreover, SCADA-specific attacks are becoming more sophisticated, and yet security measures are deployed at a very slow pace. In this work, we present a SCADA-specific Intrusion Detection System (IDS) that detects SCADA attacks based on their network traffic behavior, namely the temporal behavior of frequent patterns of the SCADA protocols. The IDS raises alarms when abnormal behavior is identified. The results showed that the IDS is able to detect attacks at a high rate while keeping false alarms at a minimum rate.
Pages: 432-438
Page count: 7