A log mining approach for process monitoring in SCADA

Cited by: 0
Authors
Dina Hadžiosmanović
Damiano Bolzoni
Pieter H. Hartel
Affiliations
[1] University of Twente,
Keywords
ICS; SCADA; Security; SCADA log; Log analysis; Frequent pattern mining; Process related threat; HAZOP; PHEA; MELISSA;
DOI
Not available
Chinese Library Classification number
Subject classification number
Abstract
SCADA (supervisory control and data acquisition) systems are used for controlling and monitoring industrial processes. We propose a methodology to systematically identify potential process-related threats in SCADA. Process-related threats take place when an attacker gains user access rights and performs actions, which look legitimate, but which are intended to disrupt the SCADA process. To detect such threats, we propose a semi-automated approach of log processing. We conduct experiments on a real-life water treatment facility. A preliminary case study suggests that our approach is effective in detecting anomalous events that might alter the regular process workflow.
Pages: 231 / 251
Page count: 20
Related papers
50 items in total
  • [31] On monitoring the standard deviation of log-normal process
    Akhtar, Noureen
    Abid, Muhammad
    Amir, Muhammad Wasim
    Riaz, Muhammad
    Nazir, Hafiz Zafar
    QUALITY AND RELIABILITY ENGINEERING INTERNATIONAL, 2024, 40 (05) : 2509 - 2526
  • [32] Process approach in the mining conditions
    Markulik, Stefan
    Cehlar, Michal
    Kozel, Robert
    ACTA MONTANISTICA SLOVACA, 2018, 23 (01) : 46 - 52
  • [33] Evaluating web access log mining algorithms: A cognitive approach
    Woon, YK
    Ng, WK
    Lim, EP
    WISE 2002: PROCEEDINGS OF THE THIRD INTERNATIONAL CONFERENCE ON WEB INFORMATION SYSTEMS ENGINEERING (WORKSHOPS), 2002, : 217 - 222
  • [34] Controlling open source intermediaries - a web log mining approach
    Grob, HL
    Bensberg, F
    Kaderali, F
    ITI 2004: PROCEEDINGS OF THE 26TH INTERNATIONAL CONFERENCE ON INFORMATION TECHNOLOGY INTERFACES, 2004, : 233 - 242
  • [35] A Log Mining Approach to Failure Analysis of Enterprise Telephony Systems
    Lim, Chinghway
    Singh, Navjot
    Yajnik, Shalini
    2008 IEEE INTERNATIONAL CONFERENCE ON DEPENDABLE SYSTEMS & NETWORKS WITH FTCS & DCC, 2008, : 398 - +
  • [36] Workflow mining based on heuristic approach using log data
    Chang, Young-Won
    Lee, Myoung-Hee
    Yoo, Cheol-Jung
    Chang, Ok-Bae
    RECENT PROGRESS IN COMPUTATIONAL SCIENCES AND ENGINEERING, VOLS 7A AND 7B, 2006, 7A-B : 79 - 82
  • [37] Enabling Process Mining in the Construction Industry: An Event Log Schema for Change Management Process
    Martinez, Araham
    Nik-Bakht, Mazdak
    PROCEEDINGS OF THE CANADIAN SOCIETY FOR CIVIL ENGINEERING ANNUAL CONFERENCE, VOL 3, CSCE 2023, 2024, 497 : 103 - 117
  • [38] Behavioral Anomaly Detection Approach Based on Log Monitoring
    Du, Sizhong
    Cao, Jian
    PROCEEDINGS OF 2015 IEEE INTERNATIONAL CONFERENCE ON BEHAVIORAL, ECONOMIC, SOCIO-CULTURAL COMPUTING (BESC), 2015, : 188 - 194
  • [39] Semantics-based event log aggregation for process mining and analytics
    Amit V. Deokar
    Jie Tao
    Information Systems Frontiers, 2015, 17 : 1209 - 1226
  • [40] Modeling Customer Experience in a Contact Center through Process Log Mining
    Fu, Teng
    Zampieri, Guido
    Hodgson, David
    Angione, Claudio
    Zeng, Yifeng
    ACM TRANSACTIONS ON INTELLIGENT SYSTEMS AND TECHNOLOGY, 2021, 12 (04)