Title :
Communication pattern anomaly detection in process control systems
Author :
Valdes, Alfonso ; Cheung, Steven
Author_Institution :
SRI Int., Menlo Park, CA, USA
Abstract :
Digital control systems are increasingly being deployed in critical infrastructure such as electric power generation and distribution. To protect these process control systems, we present a learning-based approach for detecting anomalous network traffic patterns. These anomalous patterns may correspond to attack activities such as malware propagation or denial of service. Misuse detection, the mainstream intrusion detection approach used today, typically uses attack signatures to detect known, specific attacks, but may not be effective against new or variations of known attacks. Our approach, which does not rely on attack-specific knowledge, may provide a complementary detection capability for protecting digital control systems.
Keywords :
digital control; digital signatures; telecommunication control; telecommunication traffic; anomalous network traffic pattern detection; attack signature; digital control system; learning-based approach; misuse detection; process control system; Communication system traffic control; Computer crime; Distributed control; Intrusion detection; Learning; Master-slave; Pattern matching; Process control; Programmable control; Training data;
Conference_Titel :
Technologies for Homeland Security, 2009. HST '09. IEEE Conference on
Conference_Location :
Boston, MA
Print_ISBN :
978-1-4244-4178-5
DOI :
10.1109/THS.2009.5168010
