Cruz et al., 2016 - Google Patents
A cybersecurity detection framework for supervisory control and data acquisition systemsCruz et al., 2016
- Document ID
- 12616318637775031672
- Author
- Cruz T
- Rosa L
- Proença J
- Maglaras L
- Aubigny M
- Lev L
- Jiang J
- Simões P
- Publication year
- Publication venue
- IEEE Transactions on Industrial Informatics
External Links
Snippet
This paper presents a distributed intrusion detection system (DIDS) for supervisory control and data acquisition (SCADA) industrial control systems, which was developed for the CockpitCI project. Its architecture was designed to address the specific characteristics and …
- 238000001514 detection method 0 title abstract description 60
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/02—Details
- H04L12/26—Monitoring arrangements; Testing arrangements
- H04L12/2602—Monitoring arrangements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/30—Network architectures or network communication protocols for network security for supporting lawful interception, monitoring or retaining of communications or communication related information
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance or administration or management of packet switching networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network-specific arrangements or communication protocols supporting networked applications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing packet switching networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Cruz et al. | A cybersecurity detection framework for supervisory control and data acquisition systems | |
Pliatsios et al. | A survey on SCADA systems: secure protocols, incidents, threats and tactics | |
Siniosoglou et al. | A unified deep learning anomaly detection and classification approach for smart grid environments | |
Yadav et al. | Architecture and security of SCADA systems: A review | |
Zolanvari et al. | Machine learning-based network vulnerability analysis of industrial Internet of Things | |
Suomalainen et al. | Machine learning threatens 5G security | |
Lima Filho et al. | Smart detection: an online approach for DoS/DDoS attack detection using machine learning | |
Radoglou-Grammatikis et al. | Spear siem: A security information and event management system for the smart grid | |
Pan et al. | Context aware intrusion detection for building automation systems | |
Li et al. | A critical review of cyber-physical security for building automation systems | |
Wang et al. | Anomaly detection for insider attacks from untrusted intelligent electronic devices in substation automation systems | |
Zheng et al. | Smart grid: Cyber attacks, critical defense approaches, and digital twin | |
Foglietta et al. | From detecting cyber-attacks to mitigating risk within a hybrid environment | |
Gaspar et al. | Smart substation communications and cybersecurity: A comprehensive survey | |
Cruz et al. | Improving cyber-security awareness on industrial control systems: The cockpitci approach | |
Skopik et al. | synERGY: Cross-correlation of operational and contextual data to timely detect and mitigate attacks to cyber-physical systems | |
Halman et al. | MCAD: a machine learning based cyberattacks detector in software-defined networking (SDN) for healthcare systems | |
Singh et al. | Cyber kill chain-based hybrid intrusion detection system for smart grid | |
Noor et al. | An intelligent context-aware threat detection and response model for smart cyber-physical systems | |
Waagsnes et al. | Intrusion Detection System Test Framework for SCADA Systems. | |
Li et al. | Network security in the industrial control system: A survey | |
Mashima et al. | Cybersecurity for Modern Smart Grid Against Emerging Threats | |
Pan et al. | Anomaly behavior analysis for building automation systems | |
Hahn | Cyber security of the smart grid: Attack exposure analysis, detection algorithms, and testbed evaluation | |
Tay et al. | Taxonomy of fingerprinting techniques for evaluation of smart grid honeypot realism |