An approach to detect malicious activities in SCADA systems

T. C. Pramod, N. Sunitha
{"title":"An approach to detect malicious activities in SCADA systems","authors":"T. C. Pramod, N. Sunitha","doi":"10.1109/ICCCNT.2013.6726619","DOIUrl":null,"url":null,"abstract":"Supervisory Control and Data Acquisition System (SCADA) is an emerging application for industrial automation. It is being widely used in critical infrastructure for monitoring and controlling the activities. The collaborative environment and interconnectivity of SCADA system needs communications and transmission of sensed real time data like status of machines, breaks and leakages in the system across various devices in the industrial plant. Such real time data provoke security breaches to SCADA systems and results in compromise of availability, integrity, confidentiality and trust relationship between the devices of SCADA systems. As the numbers of deliberate cyber attacks on these systems are increasing, providing a scheme to identify malicious activities and defend the attacks; thereby create secure environment for SCADA systems is an essential task. By considering constraints and efficiency requirements for such networks, we are proposing a scheme that uses Log to identify some malicious activities through continuous monitoring. In Log, we have only prioritized some parameters that help us to detect some vulnerable activities and at node level by using cooperative monitoring the nodes itself takes care of some attacks. In this new approach Log analysis for the identification of malicious activities is made using cluster based architecture. This work also considers the constraints of the SCADA system thereby providing an elegant identification of malicious activities for the current SCADA system.","PeriodicalId":6330,"journal":{"name":"2013 Fourth International Conference on Computing, Communications and Networking Technologies (ICCCNT)","volume":"58 1","pages":"1-7"},"PeriodicalIF":0.0000,"publicationDate":"2013-07-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"9","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2013 Fourth International Conference on Computing, Communications and Networking Technologies (ICCCNT)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICCCNT.2013.6726619","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 9

Abstract

Supervisory Control and Data Acquisition System (SCADA) is an emerging application for industrial automation. It is being widely used in critical infrastructure for monitoring and controlling the activities. The collaborative environment and interconnectivity of SCADA system needs communications and transmission of sensed real time data like status of machines, breaks and leakages in the system across various devices in the industrial plant. Such real time data provoke security breaches to SCADA systems and results in compromise of availability, integrity, confidentiality and trust relationship between the devices of SCADA systems. As the numbers of deliberate cyber attacks on these systems are increasing, providing a scheme to identify malicious activities and defend the attacks; thereby create secure environment for SCADA systems is an essential task. By considering constraints and efficiency requirements for such networks, we are proposing a scheme that uses Log to identify some malicious activities through continuous monitoring. In Log, we have only prioritized some parameters that help us to detect some vulnerable activities and at node level by using cooperative monitoring the nodes itself takes care of some attacks. In this new approach Log analysis for the identification of malicious activities is made using cluster based architecture. This work also considers the constraints of the SCADA system thereby providing an elegant identification of malicious activities for the current SCADA system.
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
一种检测SCADA系统中恶意活动的方法
监控与数据采集系统(SCADA)是一种新兴的工业自动化应用。它被广泛应用于监测和控制活动的关键基础设施中。SCADA系统的协作环境和互联性需要在工业工厂的各种设备之间通信和传输感测的实时数据,如机器状态,系统中的中断和泄漏。这些实时数据给SCADA系统带来了安全隐患,导致SCADA系统设备之间的可用性、完整性、保密性和信任关系受到损害。随着针对这些系统的蓄意网络攻击数量的增加,提供一种识别恶意活动和防御攻击的方案;因此,为SCADA系统创造安全的环境是一项必不可少的任务。考虑到此类网络的约束和效率要求,我们提出了一种利用日志通过持续监控来识别某些恶意活动的方案。在Log中,我们只对一些参数进行了优先级排序,这些参数可以帮助我们检测一些易受攻击的活动,在节点级别上,通过使用协作监控,节点本身可以处理一些攻击。该方法采用基于集群的日志分析架构,对恶意活动进行识别。这项工作还考虑了SCADA系统的约束,从而为当前的SCADA系统提供了一种优雅的恶意活动识别。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
自引率
0.00%
发文量
0
期刊最新文献
“Multi-tenant SaaS cloud” Reduced order linear functional observers for large scale linear discrete-time control systems Multi pattern matching technique on fragmented and out-of-order packet streams for intrusion detection system Detection and tracking of moving objects by fuzzy textures Evacuation map generation using maze routing
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1