Loading [a11y]/accessibility-menu.js
MNSSA: Meso-level Network Security Situation Awareness for ICS via Graph Evolution Analysis* | IEEE Conference Publication | IEEE Xplore

MNSSA: Meso-level Network Security Situation Awareness for ICS via Graph Evolution Analysis*


Abstract:

Intrusion detection systems (IDSs) are widely used for generating alarms indicating potential network security risks based on network traffic monitoring in industrial con...Show More

Abstract:

Intrusion detection systems (IDSs) are widely used for generating alarms indicating potential network security risks based on network traffic monitoring in industrial control systems (ICSs). However, it is a big burden for security analysts to handle numerous alarms in real time. Also, most alarms are falsely triggered by normal operations, which makes the real attack risks hard to find. In this paper, we propose MNSSA, a meso-level network security situation awareness method that conducts graph evolution analysis on the ICS alarms. MNSSA can semi-automatically filter low-risk false alarms in bulk and detect attack events. It can better analyze the network security situation and improve alarm processing efficiency.
Date of Conference: 28 August 2024 - 01 September 2024
Date Added to IEEE Xplore: 23 October 2024
ISBN Information:

ISSN Information:

Conference Location: Bari, Italy

Funding Agency:


References

References is not available for this document.