Securing control networks (e.g. for power and gas distribution) requires dedicated approaches. Sequence-aware intrusion detection models the network traffic under normal operation to identify malicious behavior. Unfortunately, such models are often large and difficult to handle. This paper proposes a method that generates smaller traffic models and discusses the accuracy of those reduced models in the context of a real control infrastructure employing the IEC 60870-5-104 protocol.
CITATION STYLE
Ferling, B., Chromik, J., Caselli, M., & Remke, A. (2018). Intrusion Detection for Sequence-Based Attacks with Reduced Traffic Models. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 10740 LNCS, pp. 53–67). Springer Verlag. https://doi.org/10.1007/978-3-319-74947-1_4
Mendeley helps you to discover research relevant for your work.