MELISSA: Towards Automated Detection of Undesirable User Actions in Critical Infrastructures

D. Hadziosmanovic, D. Bolzoni, Pieter H. Hartel, Sandro Etalle

    Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

    14 Citations (Scopus)
    180 Downloads (Pure)


    We address the detection of process-related threats in control systems used in critical infrastructures. Process-related threats take place when an attacker gains user access rights and performs actions, which look legitimate, but which are intended to disrupt the industrial process. We use logs to detect anomalous patterns of user actions on process control application. A preliminary case study suggests that our approach is effective in detecting anomalous events that might alter the regular process workflow.
    Original languageUndefined
    Title of host publicationProceedings of the European Conference on Computer Network Defense, EC2ND 2011
    Place of PublicationUSA
    Number of pages8
    ISBN (Print)978-0-7695-4762-6
    Publication statusPublished - Sept 2011
    EventEuropean Conference on Computer Network Defense, EC2ND 2011 - Gothenburg, Sweden
    Duration: 6 Sept 20118 Sept 2011

    Publication series

    PublisherIEEE Computer Society


    ConferenceEuropean Conference on Computer Network Defense, EC2ND 2011
    Other6-8 Sept 2011


    • METIS-279177
    • IR-78071
    • pattern mining
    • EWI-20502
    • SCADA
    • log
    • SCS-Cybersecurity
    • Security

    Cite this