Skip to main content
Conference ProceedingsOPEN ACCESS

An HMM-based anomaly detection approach for SCADA systems

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (2016) 9895 LNCS 85-99
DOI: 10.1007/978-3-319-45931-8_6
40Citations
Citations of this article
31Readers
Mendeley users who have this article in their library.

This article is free to access.

Abstract

We describe the architecture of an anomaly detection system based on the Hidden Markov Model (HMM) for intrusion detection in Industrial Control Systems (ICS) and especially in SCADA systems interconnected using TCP/IP. The proposed system exploits the unique characteristics of ICS networks and protocols to efficiently detect multiple attack vectors. We evaluate the proposed system in terms of detection accuracy using as reference datasets made available by other researchers. These datasets refer to real industrial networks and contain a variety of identified attack vectors. We benchmark our findings against a large set of machine learning algorithms and demonstrate that our proposal exhibits superior performance characteristics.

Cite

CITATION STYLE

APA

Stefanidis, K., & Voyiatzis, A. G. (2016). An HMM-based anomaly detection approach for SCADA systems. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 9895 LNCS, pp. 85–99). Springer Verlag. https://doi.org/10.1007/978-3-319-45931-8_6

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free