Please use this identifier to cite or link to this item:
|Title:||State-based Network Intrusion Detection Systems for SCADA Protocols, a Proof of Concept|
|Authors:||NAI FOVINO Igor; CARCANO Andrea; MASERA Marcelo; TROMBETTA Alberto|
|Citation:||Lecture Notes in Computer Science - Critical Information Infrastructures Security vol. 6027 p. 138-150|
|Type:||Contributions to Conferences|
|Abstract:||We present a novel Intrusion Detection System able to detect complex attacks to SCADA systems. By complex attack, we mean a set of commands (carried in Modbus packets) that, while licit when considered in isolation on a single-packet basis, interfere with the correct behavior of the system. The proposed IDS detects such attacks thanks to an internal representation of the controlled SCADA system and a corresponding rule language, powerful enough to express the system's critical states. Furthermore, we detail the implementation and provide experimental comparative results.|
|JRC Institute:||Institute for the Protection and Security of the Citizen|
Files in This Item:
There are no files associated with this item.
Items in repository are protected by copyright, with all rights reserved, unless otherwise indicated.