@inproceedings{133bc04a396645ffab7ebf72fb5d09cd,
title = "MEDUSA: Mining Events to Detect Undesirable uSer Actions in SCADA",
abstract = "Standard approaches for detecting malicious behaviors, e.g. monitoring network traffic, cannot address process-related threats in SCADA(Supervisory Control And Data Acquisition) systems. These threats take place when an attacker gains user access rights and performs actions which look legitimate, but which can disrupt the industrial process. We believe that it is possible to detect such behavior by analysing SCADA system logs. We present MEDUSA, an anomaly-based tool for detecting user actions that may negatively impact the system.",
keywords = "METIS-276147, EWI-18806, SCS-Cybersecurity, IR-74581",
author = "D. Hadziosmanovic and D. Bolzoni and Hartel, {Pieter H.}",
note = "10.1007/978-3-642-15512-3_33 ; 13th International Symposium on Recent Advances in Intrusion Detection, RAID 2010 ; Conference date: 15-09-2010 Through 17-09-2010",
year = "2010",
month = sep,
day = "15",
doi = "10.1007/978-3-642-15512-3_33",
language = "Undefined",
isbn = "978-3-642-15511-6",
series = "Lecture Notes in Computer Science",
publisher = "Springer",
pages = "500--501",
editor = "Somesh Jha and Robin Sommer and Christian Kreibich",
booktitle = "Proceedings of the 13th International Symposium on Recent Advances in Intrusion Detection (RAID 2010)",
address = "Germany",
}