A log mining approach for process monitoring in SCADA

Cited by: 0
Authors
Dina Hadžiosmanović
Damiano Bolzoni
Pieter H. Hartel
Affiliations
[1] University of Twente,
Keywords
ICS; SCADA; Security; SCADA log; Log analysis; Frequent pattern mining; Process related threat; HAZOP; PHEA; MELISSA;
DOI
Not available
Abstract
SCADA (supervisory control and data acquisition) systems are used for controlling and monitoring industrial processes. We propose a methodology to systematically identify potential process-related threats in SCADA. Process-related threats take place when an attacker gains user access rights and performs actions, which look legitimate, but which are intended to disrupt the SCADA process. To detect such threats, we propose a semi-automated approach of log processing. We conduct experiments on a real-life water treatment facility. A preliminary case study suggests that our approach is effective in detecting anomalous events that might alter the regular process workflow.
Pages: 231 - 251
Page count: 20
Related papers
50 in total
  • [1] A log mining approach for process monitoring in SCADA
    Hadziosmanovic, Dina
    Bolzoni, Damiano
    Hartel, Pieter H.
    INTERNATIONAL JOURNAL OF INFORMATION SECURITY, 2012, 11 (04) : 231 - 251
  • [2] Bot log mining: An approach to the integrated analysis of Robotic Process Automation and process mining
    Egger, Andreas
    ter Hofstede, Arthur H. M.
    Kratsch, Wolfgang
    Leemans, Sander J. J.
    Roeglinger, Maximilian
    Wynn, Moe T.
    INFORMATION SYSTEMS, 2024, 126
  • [3] OBDA for Log Extraction in Process Mining
    Calvanese, Diego
    Kalayci, Tahir Emre
    Montali, Marco
    Santoso, Ario
    REASONING WEB: SEMANTIC INTEROPERABILITY ON THE WEB, 2017, 10370 : 292 - 345
  • [4] Mining the log-tree of process traces: current approach and future perspectives
    Canensi, L.
    Leonardi, G.
    Montani, S.
    Terenziani, P.
    2015 IEEE 27TH INTERNATIONAL CONFERENCE ON TOOLS WITH ARTIFICIAL INTELLIGENCE (ICTAI 2015), 2015 : 310 - 316
  • [5] Monitoring the software bug-fixing process through the process mining approach
    Ozdagoglu, Guzin
    Kavuncubasi, Ece
    JOURNAL OF SOFTWARE-EVOLUTION AND PROCESS, 2019, 31 (07)
  • [6] Event Log Preprocessing for Process Mining: A Review
    Marin-Castro, Heidy M.
    Tello-Leal, Edgar
    APPLIED SCIENCES-BASEL, 2021, 11 (22)
  • [7] A Survey of Log Division Technique in Process Mining
    Lin L.-L.
    Wen L.-J.
    Qian C.
    Zong Z.
    Wang J.-M.
    Jisuanji Xuebao/Chinese Journal of Computers, 2022, 45 (09) : 1946 - 1968
  • [8] Bot Log Mining: Using Logs from Robotic Process Automation for Process Mining
    Egger, Andreas
    ter Hofstede, Arthur H. M.
    Kratsch, Wolfgang
    Leemans, Sander J. J.
    Roeglinger, Maximilian
    Wynn, Moe Thandar
    CONCEPTUAL MODELING, ER 2020, 2020, 12400 : 51 - 61
  • [9] A Constraint Programming Approach for Web Log Mining
    Kemmar, Amina
    Lebbah, Yahia
    Loudni, Samir
    INTERNATIONAL JOURNAL OF INFORMATION TECHNOLOGY AND WEB ENGINEERING, 2016, 11 (04) : 24 - 42
  • [10] Creation of an Event Log from a Low-Level Machinery Monitoring System for Process Mining Purposes
    Brzychczy, Edyta
    Trzcionkowska, Agnieszka
    INTELLIGENT DATA ENGINEERING AND AUTOMATED LEARNING (IDEAL 2018), PT II, 2018, 11315 : 54 - 63