Title :
SCADA Intrusion Detection System based on temporal behavior of frequent patterns
Author :
Sayegh, N. ; Elhajj, I.H. ; Kayssi, Ayman ; Chehab, Ali
Author_Institution :
Dept. of Electr. & Comput. Eng., American Univ. of Beirut, Beirut, Lebanon
Abstract :
The vital role that Supervisory Control And Data Acquisition (SCADA) systems play in controlling the modern infrastructure, along with the rapid evolution of these systems, has turned them into one of the most desired targets for malicious attackers. Moreover, SCADA-specific attacks are becoming more sophisticated, and yet security measures are deployed at a very slow pace. In this work, we present a SCADA-specific Intrusion Detection System (IDS) that detects SCADA attacks based on their network traffic behavior, namely the temporal behavior of frequent patterns of the SCADA protocols. The IDS raises alarms when abnormal behavior is identified. The results showed that the IDS is able to detect attacks at a high rate while keeping false alarms at a minimum rate.
Keywords :
SCADA systems; cryptographic protocols; pattern recognition; SCADA protocols; frequent patterns; intrusion detection system; malicious attackers; supervisory control and data acquisition; temporal behavior; Conferences; Correlation; Feature extraction; Histograms; Mathematical model; Protocols; Intrusion detection systems; Temporal Frequent Patterns
Conference_Title :
Mediterranean Electrotechnical Conference (MELECON), 2014 17th IEEE
Conference_Location :
Beirut
DOI :
10.1109/MELCON.2014.6820573