Abstract
Detecting network intrusions and anomalies in industrial control
systems is growing in urgency. Such systems used to be isolated but are now
being connected to the outside world. Even in the case of isolated networks,
privileged users may still present various threats to the system, either
accidentally or intentionally. Also malfunctions in devices may cause
anomalous traffic. Anomaly detection based network monitoring and intrusion
detection systems could be capable of discerning normal and aberrant traffic
in industrial control systems, detecting security incidents in an early
phase. In this paper we discuss the challenges for such a monitoring system.
One of the challenges is which features best differentiate between anomalous
and normal behaviour. In the analysis, special focus is placed on this
selection
Original language | English |
---|---|
Title of host publication | Proceedings |
Subtitle of host publication | 26th International Conference on Advanced Information Networking and Applications Workshops, WAINA 2012 |
Place of Publication | Fukuoka, Japan |
Publisher | IEEE Institute of Electrical and Electronic Engineers |
Pages | 968-972 |
ISBN (Print) | 978-1-4673-0867-0, 978-0-7695-4652-0 |
DOIs | |
Publication status | Published - 2012 |
MoE publication type | Not Eligible |
Event | 26th International Conference on Advanced Information Networking and Applications Workshops, WAINA 2012 - Fukuoka, Japan Duration: 26 Mar 2012 → 29 Mar 2012 |
Conference
Conference | 26th International Conference on Advanced Information Networking and Applications Workshops, WAINA 2012 |
---|---|
Abbreviated title | WAINA 2012 |
Country/Territory | Japan |
City | Fukuoka |
Period | 26/03/12 → 29/03/12 |
Keywords
- Industrial control
- intrusion detection
- machine learning
- monitoring
- production facilities
- protocols