EEMCS EPrints Service


A Log Mining Approach for Process Monitoring in SCADA

Hadžiosmanović, D. and Bolzoni, D. and Hartel, P.H. (2012) A Log Mining Approach for Process Monitoring in SCADA. International Journal of Information Security, 11 (4). pp. 231-251. ISSN 1615-5262 *** ISI Impact 1,279 ***

This is the latest version of this eprint.

Full text available as: PDF (1335 Kb), Open Access

Official URL: http://dx.doi.org/10.1007/s10207-012-0163-8

Exported to Metis

Abstract

SCADA (Supervisory Control and Data Acquisition)
systems are used for controlling and monitoring industrial
processes. We propose a methodology to systematically identify
potential process-related threats in SCADA. Process-related
threats take place when an attacker gains user access rights
and performs actions, which look legitimate, but which are
intended to disrupt the SCADA process. To detect such threats,
we propose a semi-automated approach of log processing. We
conduct experiments on a real-life water treatment facility. A
preliminary case study suggests that our approach is effective in
detecting anomalous events that might alter the regular process
workflow.

Item Type: Article
Research Group: EWI-DIES: Distributed and Embedded Security
Research Program: CTIT-ISTRICE: Integrated Security and Privacy in a Networked World
Research Project: MIDAS: Intrusion detection for SCADA
Uncontrolled Keywords: SCADA, security, intrusion detection, log analysis, pattern mining
ID Code: 21714
Status: Published
Deposited On: 04 April 2012
Refereed: Yes
International: Yes
ISI Impact Factor: 1,279