An unsupervised anomaly-based detection approach for integrity attacks on SCADA systems / (Record no. 67940)

000 - LEADER
fixed length control field 02231nab a2200205 a 4500
001 - CONTROL NUMBER
control field vtls000073658
003 - CONTROL NUMBER IDENTIFIER
control field USIM
005 - DATE AND TIME OF LATEST TRANSACTION
control field 20161107015237.0
008 - FIXED-LENGTH DATA ELEMENTS--GENERAL INFORMATION
fixed length control field 150302 000 0 eng d
039 #9 - LEVEL OF BIBLIOGRAPHIC CONTROL AND CODING DETAIL [OBSOLETE]
-- 201503021517
-- syukor
049 ## - LOCAL HOLDINGS (OCLC)
Holding library USIM
100 1# - MAIN ENTRY--PERSONAL NAME
Personal name Almalawi, Abdulmohsen
245 1# - TITLE STATEMENT
Title An unsupervised anomaly-based detection approach for integrity attacks on SCADA systems /
Medium [article]
Statement of responsibility, etc. Abdulmohsen Almalawi, Xinghuo Yu, Zahir Tari, Adil Fahad, Ibrahim Khalil
520 3# - SUMMARY, ETC.
Summary, etc. Supervisory Control and Data Acquisition (SCADA) systems are a core part of industrial systems, such as smart grid power and water distribution systems. In recent years, such systems have become highly vulnerable to cyber attacks. The design of efficient and accurate data-driven anomaly detection models has become an important topic of interest relating to the development of SCADA-specific Intrusion Detection Systems (IDSs) to counter cyber attacks. This paper proposes two novel techniques: (i) an automatic identification of consistent and inconsistent states of SCADA data for any given system, and (ii) an automatic extraction of proximity detection rules from identified states. During the identification phase, the density factor for the k-nearest neighbours of an observation is adapted to compute its inconsistency score. Then, an optimal inconsistency threshold is calculated to separate inconsistent from consistent observations. During the extraction phase, the well-known fixed-width clustering technique is extended to extract proximity-detection rules, which form a small and most-representative data set for both inconsistent and consistent behaviours in the training data set. Extensive experiments were carried out on both real and simulated data sets, and we show that the proposed techniques provide significant accuracy and efficiency in detecting cyber attacks, compared to three well-known anomaly detection approaches.
700 1# - ADDED ENTRY--PERSONAL NAME
Personal name Khalil, Ibrahim
700 1# - ADDED ENTRY--PERSONAL NAME
Personal name Fahad, Adil
700 1# - ADDED ENTRY--PERSONAL NAME
Personal name Tari, Zahir
700 1# - ADDED ENTRY--PERSONAL NAME
Personal name Yu, Xinghuo
773 ## - HOST ITEM ENTRY
Control subfield nnas
Record control number (USIM)000031613
Title Computers & security.
Place, publisher, and date of publication Amsterdam, The Netherlands :; North-Holland,; 1982-
Title Computers & Security
Related parts Volume 46, October 2014 2013, p94-110
International Standard Serial Number 0167-4048
