Smart Device Profiling for Smart SCADA

D. Hadziosmanovic, D. Bolzoni, Pieter H. Hartel

    Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademic

    Abstract

    SCADA (Supervisory Control and Data Acquisition) systems are computer systems used for monitoring and controlling industrial processes such as power plants and power grid systems, water, gas and oil distribution systems, production systems for food, cars and other products. We propose a new approach for regulating and detecting malicious behaviour of network devices in SCADA systems. Our approach consists of building proles that describe normal communication between pairs of devices in the network. Each prole describes four aspects of network communication: device ngerprint, connectivity pattern, pseudo-protocol pattern and packet content. We validate our approach using network trac from two real-life SCADA installations.
    Original languageUndefined
    Title of host publication14th International Symposium on Recent Advances in Intrusion Detection, RAID 2011
    Place of PublicationBerlin
    PublisherSpringer
    Pages-
    Number of pages2
    Publication statusPublished - 1 Sep 2011
    Event14th International Symposium on Recent Advances in Intrusion Detection - Menlo Park, United States
    Duration: 20 Sep 201121 Sep 2011

    Publication series

    NameLecture Notes in Computer Science

    Conference

    Conference14th International Symposium on Recent Advances in Intrusion Detection
    Abbreviated titleRAID 2011
    CountryUnited States
    CityMenlo Park
    Period20/09/1121/09/11

    Keywords

    • METIS-279183

    Cite this