کد مقاله کد نشریه سال انتشار مقاله انگلیسی نسخه تمام متن
492883 721660 2014 6 صفحه PDF دانلود رایگان
عنوان انگلیسی مقاله ISI
SPEAR: A Systematic Approach for Connection Pattern-based Anomaly Detection in SCADA Systems
موضوعات مرتبط
مهندسی و علوم پایه مهندسی کامپیوتر علوم کامپیوتر (عمومی)
پیش نمایش صفحه اول مقاله
SPEAR: A Systematic Approach for Connection Pattern-based Anomaly Detection in SCADA Systems
چکیده انگلیسی

The adoption of open and widely used standards led to an increase in the grade of exposure and vulnerability in Supervisory Control and Data Acquisition (SCADA) systems. Therefore, the development of novel Anomaly Detection Systems (ADSs) specifically for SCADA systems is receiving a considerable attention from the scientific community. This paper goes beyond existing proposals and provides not only a novel ADS, but also a novel methodology for automatically configuring Snort-based ADSs deployed in SCADA systems. The methodology includes a graphical interface, a formal language, and shell scripts, used to model SCADA topologies and to automatically generate ADS rules. The approach is validated through several experiments and shows good performance with large topologies involving 100 LANs, 1000 hosts and 100 ADSs.

ناشر
Database: Elsevier - ScienceDirect (ساینس دایرکت)
Journal: Procedia Technology - Volume 12, 2014, Pages 168-173