loading
Papers

Research.Publish.Connect.

Paper

Authors: Peter Maynard ; Kieran McLaughlin and Sakir Sezer

Affiliation: Queen's University Belfast, United Kingdom

ISBN: 978-989-758-282-0

Keyword(s): ICS, IDS, Network, SCADA, Security, SIEM.

Related Ontology Subjects/Areas/Topics: Computer-Supported Education ; Enterprise Information Systems ; Information Systems Analysis and Specification ; Information Technologies Supporting Learning ; Internet Technology ; Intrusion Detection and Response ; Security ; Security and Privacy ; Web Information Systems and Technologies

Abstract: Current state-of-the-art intrusion detection and network monitoring systems have a tendency to focus on the ‘Five-Tuple’ features (protocol, IP src/dst and port src/dest). As a result there is a gap in visibility of security at an application level. We propose a collection of network application layer metrics to provide a greater insight into SCADA communications. These metrics are devised from an analysis of the industrial control system (ICS) threat landscape and the current state-of-the-art detection systems. Our metrics are able to detect a range of adversary capabilities which goes beyond previous literature in the SCADA domain.

PDF ImageFull Text

Download
CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 3.231.228.109

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Maynard, P.; McLaughlin, K. and Sezer, S. (2018). Using Application Layer Metrics to Detect Advanced SCADA Attacks.In Proceedings of the 4th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-282-0, pages 418-425. DOI: 10.5220/0006656204180425

@conference{icissp18,
author={Peter Maynard. and Kieran McLaughlin. and Sakir Sezer.},
title={Using Application Layer Metrics to Detect Advanced SCADA Attacks},
booktitle={Proceedings of the 4th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,},
year={2018},
pages={418-425},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006656204180425},
isbn={978-989-758-282-0},
}

TY - CONF

JO - Proceedings of the 4th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,
TI - Using Application Layer Metrics to Detect Advanced SCADA Attacks
SN - 978-989-758-282-0
AU - Maynard, P.
AU - McLaughlin, K.
AU - Sezer, S.
PY - 2018
SP - 418
EP - 425
DO - 10.5220/0006656204180425

Login or register to post comments.

Comments on this Paper: Be the first to review this paper.