Abstract
This paper presents the design, development, and validation of an ontology based SCADA intrusion detection system. The proposed system analyses SCADA network communications and can derive additional information based on the background knowledge and ontology models to enhance the intrusion detection data. The developed intrusion model captures network communications, cyber attacks and the context within the SCADA domain. Moreover, a set of semantic rules were constructed to detect various attacks and extract logical relationships among these attacks. The presented framework was extensively evaluated and a comparison to the state of the art is provided.
| Original language | English |
|---|---|
| Title of host publication | Proceedings of the 13th International Joint Conference on e-Business and Telecommunications |
| Pages | 327-335 |
| Number of pages | 9 |
| Volume | 4: SECRYPT |
| ISBN (Electronic) | 978-989-758-196-0 |
| DOIs | |
| Publication status | Published - 01 Jul 2016 |
| Event | 13th International Conference on Security and Cryptography (SECRYPT) - Lisbon, Portugal Duration: 26 Jul 2016 → 29 Jul 2016 Conference number: 13 http://www.secrypt.icete.org/?y=2016 |
Conference
| Conference | 13th International Conference on Security and Cryptography (SECRYPT) |
|---|---|
| Abbreviated title | SECRYPT |
| Country | Portugal |
| City | Lisbon |
| Period | 26/07/2016 → 29/07/2016 |
| Internet address |
Keywords
- Semantics
- Ontology
- industrial control system
- Security
- SCADA
- Attacks
- modelling
- knowledge and context
Fingerprint Dive into the research topics of 'OSCIDS: An Ontology based SCADA Intrusion Detection Framework'. Together they form a unique fingerprint.
Cite this
Al Balushi, A., McLaughlin, K., & Sezer, S. (2016). OSCIDS: An Ontology based SCADA Intrusion Detection Framework. In Proceedings of the 13th International Joint Conference on e-Business and Telecommunications (Vol. 4: SECRYPT, pp. 327-335) https://doi.org/10.5220/0005969803270335