MELISSA: Towards Automated Detection of Undesirable User Actions in Critical Infrastructures

D. Hadziosmanovic, D. Bolzoni, Pieter H. Hartel, Sandro Etalle

    Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

    13 Citations (Scopus)
    112 Downloads (Pure)

    Abstract

    We address the detection of process-related threats in control systems used in critical infrastructures. Process-related threats take place when an attacker gains user access rights and performs actions, which look legitimate, but which are intended to disrupt the industrial process. We use logs to detect anomalous patterns of user actions on process control application. A preliminary case study suggests that our approach is effective in detecting anomalous events that might alter the regular process workflow.
    Original languageUndefined
    Title of host publicationProceedings of the European Conference on Computer Network Defense, EC2ND 2011
    Place of PublicationUSA
    PublisherIEEE Computer Society
    Pages41-48
    Number of pages8
    ISBN (Print)978-0-7695-4762-6
    DOIs
    Publication statusPublished - Sep 2011
    EventEuropean Conference on Computer Network Defense, EC2ND 2011 - Gothenburg, Sweden
    Duration: 6 Sep 20118 Sep 2011

    Publication series

    Name
    PublisherIEEE Computer Society

    Conference

    ConferenceEuropean Conference on Computer Network Defense, EC2ND 2011
    Period6/09/118/09/11
    Other6-8 Sept 2011

    Keywords

    • METIS-279177
    • IR-78071
    • pattern mining
    • EWI-20502
    • SCADA
    • log
    • SCS-Cybersecurity
    • Security

    Cite this