Distributed Intrusion Detection System for SCADA Protocols

  • Igor Nai Fovino
  • Marcelo Masera
  • Michele Guglielmi
  • Andrea Carcano
  • Alberto Trombetta
Conference paper

DOI: 10.1007/978-3-642-16806-2_7

Part of the IFIP Advances in Information and Communication Technology book series (IFIPAICT, volume 342)
Cite this paper as:
Fovino I.N., Masera M., Guglielmi M., Carcano A., Trombetta A. (2010) Distributed Intrusion Detection System for SCADA Protocols. In: Moore T., Shenoi S. (eds) Critical Infrastructure Protection IV. ICCIP 2010. IFIP Advances in Information and Communication Technology, vol 342. Springer, Berlin, Heidelberg

Abstract

This paper presents an innovative, distributed, multilayer approach for detecting known and unknown attacks on industrial control systems. The approach employs process event correlation, critical state detection and critical state aggregation. The paper also describes a prototype implementation and provides experimental results that validate the intrusion detection approach.

Keywords

Industrial control systems; SCADA protocols; intrusion detection

Copyright information

© IFIP International Federation for Information Processing 2010
