Communication Pattern Anomaly Detection in Process Control Systems
by Dr. Steven Cheung & Alfonso Valdes.
2009 IEEE International Conference on Technologies for Homeland Security.
May 11-12, 2009.
Digital control systems are increasingly being deployed
in critical infrastructure such as electric power generation and
distribution. To protect these process control systems, we present
a learning-based approach for detecting anomalous network
traffic patterns. These anomalous patterns may correspond to
attack activities such as malware propagation or denial of
service. Misuse detection, the mainstream intrusion detection
approach used today, typically uses attack signatures to detect
known, specific attacks, but may not be effective against new or
variations of known attacks. Our approach, which does not rely
on attack-specific knowledge, may provide a complementary
detection capability for protecting digital control systems.
author = "Alfonso Valdes and Steven Cheung",
title = "Communication Pattern Anomaly Detection in Process Control Systems",
booktitle = "2009 IEEE International Conference on Technologies for Homeland Security",
address = "Waltham, MA",
month = may # "~11--12,",
year = 2009