Data clustering-based anomaly detection in industrial control systems

Proceedings - 2014 IEEE 10th International Conference on Intelligent Computer Communication and Processing, ICCP 2014

Volumn , Issue , 2014, Pages 275-281

  Kiss, Istvan ^a   Genge, Bela ^b   Haller, Piroska ^b   Sebestyen, Gheorghe ^a  

^a TECHNICAL UNIVERSITY OF CLUJ NAPOCA   (Romania)

^b UNIVERSITY OF MEDICINE AND PHARMACY   (Romania)

Author keywords

anomaly detection; big data; clustering; cyber physical security; intrusion detection

Indexed keywords

BIG DATA; CLASSIFICATION (OF INFORMATION); CLUSTER ANALYSIS; CLUSTERING ALGORITHMS; COMPRESSIBILITY OF GASES; COMPUTER CRIME; CRIME; DATA MINING; GAS COMPRESSORS; INTRUSION DETECTION; LARGE DATASET; NETWORK SECURITY;

ANOMALY DETECTION SYSTEMS; CLUSTERING; CLUSTERING TECHNIQUES; COMPRESSOR STATIONS; CYBER-PHYSICAL SECURITIES; INDUSTRIAL CONTROL SYSTEMS; INTRUSION DETECTION SYSTEMS; PROCESSING ENVIRONMENTS;

ANOMALY DETECTION;

EID: 84913609480     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/ICCP.2014.6937009     Document Type: Conference Paper

References (20)

1. I. N. Fovino, A. Carcano, M. Masera and A. Trombetta, "An experimental investigation of malware attacks on SCADA systems," Int. J. Critical Infrastruct. Protection, vol. 2, no. 4, pp. 139-145, 2009.
2. B. Genge and C. Siaterlis, "Physical process resilience-aware network design for SCADA systems," Computers & Electrical Engineering, Elsevier, vol. 40, no. 1, pp. 142-157, 2014.
3. B. Genge and C. Siaterlis, "Analysis of the Effects of Distributed Denial-of-Service Attacks on MPLS Networks," International Journal of Critical Infrastructure Protection, Elsevier, vol. 6, no. 2, pp. 87-95, 2013.
4. T. Chen and S. Abu-Nimeh, "Lessons from Stuxnet," Computer, vol. 44, no. 4, pp. 91-93, Apr. 2011.
5. D. McElroy and C. Williams, "Flame: World's Most Complex Computer Virus Exposed," Jul. 2013. [Online]. Available: http://www.telegraph.co.uk/news/worldnews/middleeast/iran/9295938/Flame-worlds-most-complex-computer-virus-exposed.html.
6. R. Tehan, "Cybersecurity: Authoritative Reports and Resources, by Topic," in Congressional Research Service, April 3, 2014.
7. S. Batsell, N. Rao and M. Shankar, "Distributed Intrusion Detection and Attack Containment for Organizational Cyber Security," 2007.
8. M. Bossardt, T. Dübendorfer and B. Plattner, "Enhanced Internet security by a distributed traffic control service based on traffic ownership," Network and Computer Applications, vol. 30, no. 3, p. 841-857, August 2007.
9. B. Dharamkar and R. R. Singh, "A Review of Cyber Attack Classification Technique Based on Data Mining and Neural Network Approach," IJCTT, vol. 7, no. 2, pp. 100-105, 2014.
10. V. Richharya, D. J. Rana, D. R. Jain and D. K. K. Pandey, "Design of Trust Model For Efficient Cyber Attack Detection on Fuzzified Large Data using Data Mining techniques," International Journal of Research in Computer and Communication Technology, vol. 2, no. 3, 2013.
11. T. Bass, "Intrusion Detection Systems & Multisensor Data Fusion: Creating Cyberspace Situational Awareness," Communications of the ACM, vol. 43, no. 4, pp. 99-105, 2001.
12. D. Barbara, J. Couto, S. Jajodia and N. Wu, "ADAM: A testbed for exploring the use of data mining in intrusion detection," SIGMOD, vol. 130, no. 4, pp. 15-28, 2001.
13. O. Linda, M. Manic, T. Vollmer and J. Wright, "Fuzzy Logic Based Anomaly Detection for Embedded Network Security Cyber Sensor," Computational Intelligence in Cyber Security (CICS), 2011 IEEE Symposium on, pp. 202-209, April 2011.
14. A. Teixeira, D. Pérez, H. Sandberg and K. H. Johansson, "Attack Models and Scenarios for Networked Control Systems," High Confidence Networked Systems, pp. 55-64, 2012.
15. C. Siaterlis, B. Genge and M. Hohenadel, "EPIC: A Testbed for Scientifically Rigorous Cyber-Physical Security Experimentation," Emerging Topics in Computing, IEEE Transactions on, vol. 1, pp. 319,330, Dec. 2013.
16. B. Genge, C. Siaterlis and G. Karopoulos, "Data fusion-base anomaly detection in networked critical infrastructures," Dependable Systems and Networks Workshop (DSN-W), 2013 43rd Annual IEEE/IFIP Conference on, pp. 1-8, June 2013.
17. B. Genge, D. Rusu and P. Haller, "A Connection Pattern-based Approach to Detect Network Traffic Anomalies in Critical Infrastructures," 2014 ACM European Workshop on System Security (EuroSec2014), Amsterdam, The Netherlands, pp. 1-6, 2014.
18. H. Kim, I. Kim and T.-M. Chung, "Abnormal Behavior Detection Technique Based on Big Data," in Frontier and Innovation in Future Computing and Communications, vol. 301, Springer Netherlands, 2014, pp. 553-563.
19. L. Aniello, A. Bondavalli, A. Ceccarelli, C. Ciccotelli, M. Cinque, F. Frattini, A. Guzzo, A. Pecchia, A. Pugliese, L. Querzoni and S. Russo, "Big Data in Critical Infrastructures Security Monitoring: Challenges and Opportunities," in BIG4CIP-2014, May 2014.
20. K. Hammouda and F. Karray, "A Comparative Study of Data Clustering Techniques," 2000.