Home > Publications
Home University of Twente
Prospective Students
Intranet (internal)

EEMCS EPrints Service

21714 A Log Mining Approach for Process Monitoring in SCADA
Home Policy Brochure Browse Search User Area Contact Help

Hadžiosmanović, D. and Bolzoni, D. and Hartel, P.H. (2012) A Log Mining Approach for Process Monitoring in SCADA. International Journal of Information Security, 11 (4). pp. 231-251. ISSN 1615-5262 *** ISI Impact 1,279 ***

This is the latest version of this eprint.

Full text available as:


1335 Kb
Open Access

Official URL:

Exported to Metis


SCADA (Supervisory Control and Data Acquisition)
systems are used for controlling and monitoring industrial
processes. We propose a methodology to systematically identify
potential process-related threats in SCADA. Process-related
threats take place when an attacker gains user access rights
and performs actions, which look legitimate, but which are
intended to disrupt the SCADA process. To detect such threats,
we propose a semi-automated approach of log processing. We
conduct experiments on a real-life water treatment facility. A
preliminary case study suggests that our approach is effective in
detecting anomalous events that might alter the regular process

Item Type:Article
Research Group:EWI-DIES: Distributed and Embedded Security
Research Program:CTIT-ISTRICE: Integrated Security and Privacy in a Networked World
Research Project:MIDAS: Intrusion detection for SCADA
Uncontrolled Keywords:SCADA, security, intrusion detection, log analysis, pattern mining
ID Code:21714
Deposited On:04 April 2012
ISI Impact Factor:1,279
More Information:statisticsmetis

Available Versions of this Item

Export this item as:

To correct this item please ask your editor

Repository Staff Only: edit this item