Abstract
Current state-of-the-art intrusion detection and network monitoring systems have a tendency to focus on the 'Five-Tuple' features (Protocol, IP src/dst and Port src/dst). As a result, there is a gap in visibility of security at an application level. We propose a collection of network application layer metrics to provide a greater insight into SCADA communications. These metrics are devised from an analysis of the ICS threat landscape and the current state-of-the-art detection systems. Our metrics are able to detect a range of adversary capabilities which goes beyond previous literature in the SCADA domain.
Original language | English |
---|---|
Publication status | Published - Jan 2018 |
Event | 4th International Conference on Information Systems Security and Privacy - Portugal, Portugal Duration: 22 Jan 2018 → 24 Jan 2018 http://www.icissp.org/ |
Conference
Conference | 4th International Conference on Information Systems Security and Privacy |
---|---|
Country/Territory | Portugal |
Period | 22/01/2018 → 24/01/2018 |
Fingerprint
Dive into the research topics of 'Using Application Layer Metrics to Detect Advanced SCADA Attacks'. Together they form a unique fingerprint.
Projects
- 1 Finished
- R1594ECI: Analysing and Detecting Advanced Multistage Attacks Against ICS
  13/01/2016 → 30/09/2018
  Project: Research