Cyber-Critical Infrastructure Protection Using Real-Time Payload-Based Anomaly Detection

Authors: Christof Störmann, Jan Kästner, Patrick Düssel, Christian Gehl, Pavel Laskov

DOI: 10.1007/978-3-642-14379-3_8

Keywords: Protocol (object-oriented programming), Industrial control system, Computer science, Payload, Exploit, Critical infrastructure protection, Throughput (business), Computer security, Anomaly detection, Intrusion detection system

Abstract: With an increasing demand for inter-connectivity and protocol standardization, modern cyber-critical infrastructures are exposed to a multitude of serious threats that may give rise to severe damage to life and assets without the implementation of proper safeguards. Thus, we propose a method that is capable of reliably detecting unknown, exploit-based attacks carried out over the network. We illustrate the effectiveness of the proposed method by conducting experiments on network traffic as can be found in industrial control systems. Moreover, we provide results of throughput measurements which demonstrate the real-time capabilities of our system.
