Safeguarding SCADA Systems with Anomaly Detection

  • Conference paper
Computer Network Security (MMM-ACNS 2003)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 2776)

Abstract

This paper will show how the accuracy and security of SCADA systems can be improved by using anomaly detection to identify bad values caused by attacks and faults. The performance of invariant induction and n-gram anomaly-detectors will be compared and this paper will also outline plans for taking this work further by integrating the output from several anomaly-detecting techniques using Bayesian networks. Although the methods outlined in this paper are illustrated using the data from an electricity network, this research springs from a more general attempt to improve the security and dependability of SCADA systems using anomaly detection.

Copyright information

© 2003 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Bigham, J., Gamez, D., Lu, N. (2003). Safeguarding SCADA Systems with Anomaly Detection. In: Gorodetsky, V., Popyack, L., Skormin, V. (eds) Computer Network Security. MMM-ACNS 2003. Lecture Notes in Computer Science, vol 2776. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-45215-7_14

  • DOI: https://doi.org/10.1007/978-3-540-45215-7_14

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-40797-3

  • Online ISBN: 978-3-540-45215-7

  • eBook Packages: Springer Book Archive
