A log mining approach for process monitoring in SCADA

Cited by: 0
Authors
Dina Hadžiosmanović
Damiano Bolzoni
Pieter H. Hartel
Affiliations
[1] University of Twente,
Keywords
ICS; SCADA; Security; SCADA log; Log analysis; Frequent pattern mining; Process related threat; HAZOP; PHEA; MELISSA;
DOI
Not available
Abstract
SCADA (supervisory control and data acquisition) systems are used for controlling and monitoring industrial processes. We propose a methodology to systematically identify potential process-related threats in SCADA. Process-related threats take place when an attacker gains user access rights and performs actions, which look legitimate, but which are intended to disrupt the SCADA process. To detect such threats, we propose a semi-automated approach of log processing. We conduct experiments on a real-life water treatment facility. A preliminary case study suggests that our approach is effective in detecting anomalous events that might alter the regular process workflow.
Pages: 231 - 251
Number of pages: 20