Abstract
This paper presents the design, development, and validation of an ontology-based SCADA intrusion detection system. The proposed system analyses SCADA network communications and can derive additional information based on background knowledge and ontology models to enhance the intrusion detection data. The developed intrusion model captures network communications, cyber attacks, and the context within the SCADA domain. Moreover, a set of semantic rules was constructed to detect various attacks and extract logical relationships among these attacks. The presented framework was extensively evaluated, and a comparison to the state of the art is provided.
Original language | English |
---|---|
Title of host publication | Proceedings of the 13th International Joint Conference on e-Business and Telecommunications |
Pages | 327-335 |
Number of pages | 9 |
Volume | 4: SECRYPT |
ISBN (Electronic) | 978-989-758-196-0 |
Publication status | Published - 01 Jul 2016 |
Event | 13th International Conference on Security and Cryptography (SECRYPT), Lisbon, Portugal. Duration: 26 Jul 2016 → 29 Jul 2016. Conference number: 13. http://www.secrypt.icete.org/?y=2016 |
Conference
Conference | 13th International Conference on Security and Cryptography (SECRYPT) |
---|---|
Abbreviated title | SECRYPT |
Country | Portugal |
City | Lisbon |
Period | 26/07/2016 → 29/07/2016 |
Keywords
- Semantics
- Ontology
- industrial control system
- Security
- SCADA
- Attacks
- modelling
- knowledge and context