A log mining approach for process monitoring in SCADA (2012)

Title A log mining approach for process monitoring in SCADA
Published in International Journal of Information Security, Vol. 11, p.231-251. ISSN 1615-5262.
Author Hadziosmanovic, Dina; Bolzoni, Damiano; Hartel, Pieter
Date 2012-08-08
Type Article
Publisher Springer
Abstract SCADA (Supervisory Control and Data Acquisition) systems are used for controlling and monitoring industrial processes. We propose a methodology to systematically identify potential process-related threats in SCADA. Process-related threats take place when an attacker gains user access rights and performs actions, which look legitimate, but which are intended to disrupt the SCADA process. To detect such threats, we propose a semi-automated approach of log processing. We conduct experiments on a real-life water treatment facility. A preliminary case study suggests that our approach is effective in detecting anomalous events that might alter the regular process workflow.
Persistent Identifier URN:NBN:NL:UI:28-80023
Metadata XML
Repository University of Twente

Go to page top
Go back to contents
Go back to site navigation