Modeling And Detecting Anomalies In Scada Systems
Abstract
The detection of attacks and intrusions based on anomalies is hampered by the limits of specificity underlying the detection techniques. However, in the case of many critical infrastructure systems, domain-specific knowledge and models can impose constraints that potentially reduce error rates. At the same time, attackers can use their knowledge of system behavior to mask their manipulations, causing adverse effects to be observed only after a significant period of time. This paper describes elementary statistical techniques that can be applied to detect anomalies in critical infrastructure networks. A SCADA system employed in liquefied natural gas (LNG) production is used as a case study.
Similar resources
A Petri-net Model for Operational Cycle in SCADA Systems
A supervisory control and data acquisition (SCADA) system monitors and controls industrial processes in critical infrastructures (CIs) and plays a vital role in maintaining the reliability of CIs such as power, oil, and gas systems. In fact, a SCADA system refers to the set of control processes, which measures and monitors sensors in remote substations from a control center. These sensors usually ha...
A real time OCSVM Intrusion Detection module with low overhead for SCADA systems
In this paper we present an intrusion detection module capable of detecting malicious network traffic in a SCADA (Supervisory Control and Data Acquisition) system. Malicious data in a SCADA system disrupt its correct functioning and tamper with its normal operation. OCSVM (One-Class Support Vector Machine) is an intrusion detection mechanism that does not need any labeled data for training or an...
Adopting Flocks of Birds Approach to Predator for Anomalies Detection on Industrial Control Systems
Industrial Control Systems (ICS) such as Supervisory Control And Data Acquisition (SCADA) can be seen in many different critical infrastructures, from nuclear management to utility, medical equipment, power, waste and engine management on ships and planes. The role SCADA plays in critical infrastructure has resulted in a call to secure them. Many lives depend on it for daily activities and the ...
A Trust-Based Approach for Detecting Compromised Nodes in SCADA Systems
Nowadays, many critical infrastructures are monitored by SCADA systems processing data obtained by underlying sensor networks. Modern SCADA systems are usually networked, also using wireless connections. Thus, security concerns are crucial when developing SCADA applications, as they are increasingly vulnerable to cyber attacks. In this context, the detection of misbehaving nodes is a key issue,...
An Access Management System for Reducing Operational Threats in a SCADA System
One of the most dangerous insider threats in a supervisory control and data acquisition (SCADA) system is the operational threat. An operational threat occurs when an authorized operator misuses permissions and causes catastrophic damage by sending legitimate control commands. Providing too many permissions may backfire when an operator wrongly or deliberately abuses the privileges. Ther...