A trust-based approach for detecting compromised nodes in SCADA systems

Abstract

Nowadays, many critical infrastructures are monitored by SCADA systems processing data obtained by underlying sensor networks. Modern SCADA systems are usually networked, also using wireless connections. Thus, security concerns are crucial when developing SCADA applications, as they are increasingly vulnerable to cyber attacks. In this context, the detection of misbehaving nodes is a key issue, which is in general not easy to address due to the logical and physical high distribution of nodes as well as their complex functions in the network. To deal with the above problem, approaches based on information sharing among collaborative components seem suitable. However, all the past proposals based on information sharing only focus on detecting misbehaving sensor nodes without considering all the other SCADA nodes at any level of complexity. In this paper, we present a trust-based approach to detecting high-level compromised nodes in a SCADA system that is based on a competition among agents associated to nodes. Some preliminary experiments we have performed show promising results of the proposed approach in terms of effectiveness and efficiency. © 2013 Springer-Verlag Berlin Heidelberg.