Abstract
Supervisory Control and Data Acquisition (SCADA) systems are a critical part of large industrial facilities, such as water distribution infrastructures. With the goal of reducing costs and increasing efficiency, these systems are becoming increasingly interconnected. However, this has also exposed them to a wide range of network security problems. Our research focuses on the development of a novel flow-based intrusion detection system. Based on the assumption that SCADA networks are well-behaved, we believe that it is possible to model the normal traffic by establishing relations between network flows. To improve accuracy and provide more information on the anomalous traffic, we will also research methods to derive a flow-based model for anomalous flows.
Keywords
- Intrusion Detection
- Intrusion Detection System
- Industrial Control System
- Remote Terminal Unit
- Critical Infrastructure Protection
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
Copyright information
© 2010 IFIP International Federation for Information Processing
About this paper
Cite this paper
Barbosa, R.R.R., Pras, A. (2010). Intrusion Detection in SCADA Networks. In: Stiller, B., De Turck, F. (eds) Mechanisms for Autonomous Management of Networks and Services. AIMS 2010. Lecture Notes in Computer Science, vol 6155. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-13986-4_23
DOI: https://doi.org/10.1007/978-3-642-13986-4_23
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-13985-7
Online ISBN: 978-3-642-13986-4
eBook Packages: Computer Science, Computer Science (R0)