An HMM-Based Anomaly Detection Approach for SCADA Systems

Authors: Kyriakos Stefanidis, Artemios G. Voyiatzis

DOI: 10.1007/978-3-319-45931-8_6

Keywords: Computer science, Protocol data unit, SCADA, Benchmark (computing), Data mining, Anomaly detection, Hidden Markov model, Intrusion detection system, Exploit, Industrial control system

Abstract: We describe the architecture of an anomaly detection system based on the Hidden Markov Model (HMM) for intrusion detection in Industrial Control Systems (ICS) and especially in SCADA systems interconnected using TCP/IP. The proposed system exploits the unique characteristics of ICS networks and protocols to efficiently detect multiple attack vectors. We evaluate the proposed system in terms of detection accuracy, using as reference datasets made available by other researchers. These datasets refer to real industrial networks and contain a variety of identified attack vectors. We benchmark our findings against a large set of machine learning algorithms and demonstrate that our proposal exhibits superior performance characteristics.

References (19)
Noam Erez, Avishai Wool, Control variable classification, modeling and anomaly detection in Modbus/TCP SCADA systems. International Journal of Critical Infrastructure Protection, vol. 10, pp. 59-70 (2015), 10.1016/J.IJCIP.2015.05.001
Artemios G. Voyiatzis, Konstantinos Katsigiannis, Stavros Koubias, A Modbus/TCP Fuzzer for testing internetworked industrial systems. 2015 IEEE 20th Conference on Emerging Technologies & Factory Automation (ETFA), pp. 1-6 (2015), 10.1109/ETFA.2015.7301400
Rafael Ramos Regis Barbosa, Anomaly detection in SCADA systems: a network based approach. University Library/University of Twente (2014), 10.3990/1.9789036536455
Marco Caselli, Emmanuele Zambon, Frank Kargl, Sequence-aware Intrusion Detection in Industrial Control Systems. Proceedings of the 1st ACM Workshop on Cyber-Physical System Security, pp. 13-24 (2015), 10.1145/2732198.2732200
Thomas Morris, Anurag Srivastava, Bradley Reaves, Wei Gao, Kalyan Pavurapu, Ram Reddi, A control system testbed to validate critical infrastructure protection concepts. International Journal of Critical Infrastructure Protection, vol. 4, pp. 88-103 (2011), 10.1016/J.IJCIP.2011.06.005
Davide Ariu, Roberto Tronci, Giorgio Giacinto, HMMPayl: An intrusion detection system based on Hidden Markov Models. Computers & Security, vol. 30, pp. 221-241 (2011), 10.1016/J.COSE.2010.12.004
Luis Martí, Nayat Sanchez-Pi, José Manuel Molina, Ana Cristina Bicharra Garcia, Anomaly detection based on sensor data in petroleum industry applications. Sensors, vol. 15, pp. 2774-2797 (2015), 10.3390/S150202774
Justin M. Beaver, Raymond C. Borges-Hink, Mark A. Buckner, An Evaluation of Machine Learning Methods to Detect Malicious SCADA Communications. International Conference on Machine Learning and Applications, vol. 2, pp. 54-59 (2013), 10.1109/ICMLA.2013.105
Abdulmohsen Almalawi, Xinghuo Yu, Zahir Tari, Adil Fahad, Ibrahim Khalil, An unsupervised anomaly-based detection approach for integrity attacks on SCADA systems. Computers & Security, vol. 46, pp. 94-110 (2014), 10.1016/J.COSE.2014.07.005
Stavros Ntalampiras, Yannis Soupionis, Georgios Giannopoulos, A fault diagnosis system for interdependent critical infrastructures based on HMMs. Reliability Engineering & System Safety, vol. 138, pp. 73-81 (2015), 10.1016/J.RESS.2015.01.024