Journal Article

Accurate modeling of Modbus/TCP for intrusion detection in SCADA systems

Niv Goldenberg, +1 more
01 Jun 2013, Vol. 6, Iss. 2, pp. 63-75
TLDR
A model-based intrusion detection system designed specifically for Modbus/TCP networks that successfully flagged real anomalies that were caused by technicians who were troubleshooting the HMI system and helped identify a PLC that was configured incorrectly.
About: 
This article is published in International Journal of Critical Infrastructure Protection. The article was published on 2013-06-01. It has received 268 citations to date. The article focuses on the topics: Modbus & Intrusion detection system.


Citations
Journal Article

In-vehicle network intrusion detection using deep convolutional neural network

TL;DR: This paper proposes an intrusion detection system (IDS) based on a deep convolutional neural network (DCNN) to protect the CAN bus of the vehicle and demonstrates that the proposed IDS has significantly low false negative rates and error rates when compared to the conventional machine-learning algorithms.
Journal Article

A survey of cyber security management in industrial control systems

TL;DR: This paper surveys the latest methodologies and research for measuring and managing industrial-control-system-specific security metrics and introduces the "functional assurance" concept to deal with fail-safe and fail-secure industrial control system operations.
Proceedings Article

Sequence-aware Intrusion Detection in Industrial Control Systems

TL;DR: This paper shows how a specific series of "permitted" operations can elude standard intrusion detection systems and still damage an infrastructure, and presents a possible approach to the development of a sequence-aware intrusion detection system (S-IDS).
Journal Article

Securing the Smart Grid: A Comprehensive Compilation of Intrusion Detection and Prevention Systems

TL;DR: This paper examines the contribution of the IDPSs in the SG paradigm, providing an analysis of 37 cases and identifies the limitations and the shortcomings of the current IDPS systems, whereas appropriate recommendations are provided for future research efforts.
Journal Article

Design and Analysis of Multimodel-Based Anomaly Intrusion Detection Systems in Industrial Process Automation

TL;DR: A novel multimodel-based anomaly intrusion detection system with embedded intelligence and resilient coordination for the field control system in industrial process automation is designed and good performance in terms of high precision and good real-time capability is demonstrated.
References
Proceedings Article

Snort - Lightweight Intrusion Detection for Networks

TL;DR: Snort provides a layer of defense which monitors network traffic for predefined suspicious activity or patterns, and alerts system administrators when potentially hostile traffic is detected.
Journal Article

Security problems in the TCP/IP protocol suite

TL;DR: A variety of attacks based on a number of serious security flaws inherent in the TCP/IP protocols are described, including sequence number spoofing, routing attacks, source address spoofing, and authentication attacks.

Using Model-based Intrusion Detection for SCADA Networks

TL;DR: It is believed that model-based monitoring, which has the potential for detecting unknown attacks, is more feasible for control networks than for general enterprise networks.
Proceedings Article

On SCADA control system command and response injection and intrusion detection

TL;DR: A set of command injection, data injection, and denial of service attacks which leverage the lack of authentication in many common control system communication protocols, including MODBUS, DNP3, and EtherNet/IP, are developed.
Proceedings Article

A testbed for analyzing security of SCADA control systems (TASSCS)

TL;DR: A testbed designed to study and simulate the various available techniques for securing and protecting Supervisory Control and Data Acquisition (SCADA) systems against a wide range of cyber attacks is presented.