Issue |
MATEC Web Conf.
Volume 173, 2018
2018 International Conference on Smart Materials, Intelligent Manufacturing and Automation (SMIMA 2018)
|
|
---|---|---|
Article Number | 01011 | |
Number of page(s) | 5 | |
Section | Modeling, Analysis, and Simulation of Intelligent Manufacturing Processes | |
DOI | https://doi.org/10.1051/matecconf/201817301011 | |
Published online | 19 June 2018 |
Behavior Based Anomaly Detection Model in SCADA System
1
State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, 100195 E-park C1 Norh, No. 80 Xingshikou Road, Haidian District, Beijing, China
2
School of Cyber Security, University of Chinese Academy of Sciences, 100049 No.19(A) Yuquan Road, Shijingshan District, Beijing, P.R.China
Corresponding author : author@e-mail.org
With the arrival of Industry 4.0, more and more industrial control systems are connected with the outside world, which brings tremendous convenience to industrial production and control, and also introduces many potential security hazards. After a large number of attack cases analysis, we found that attacks in SCADA systems can be divided into internal attacks and external attacks. Both types of attacks are inevitable. Traditional firewalls, IDSs and IPSs are no longer suitable for industrial control systems. Therefore, we propose behavior-based anomaly detection and build three baselines of normal behaviors. Experiments show that using our proposed detection model, we can quickly detect a variety of attacks on SCADA (Supervisory Control And Data Acquisition) systems.
© The Authors, published by EDP Sciences, 2018
This is an Open Access article distributed under the terms of the Creative Commons Attribution License (http://creativecommons.org/licenses/by/4.0), which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
Current usage metrics show cumulative count of Article Views (full-text article views including HTML views, PDF and ePub downloads, according to the available data) and Abstracts Views on Vision4Press platform.
Data correspond to usage on the plateform after 2015. The current usage metrics is available 48-96 hours after online publication and is updated daily on week days.
Initial download of the metrics may take a while.