SCADA Full State Network Intrusion and Malfunction Detection System

Abstract

Description

Industries are highly dependent on reliable, accurate and automated control systems to monitor equipment that is critical to their operation. Supervisory Control and Data Acquisition (SCADA) is the most advanced control system in wide industrial use, and it is an attractive target for threat agents. Host-based and network-based intrusion prevention systems (IPS) and intrusion detection systems (IDS) are the best existing solutions for improving SCADA security against cyber attacks. This paper describes the evolution of network intrusion detection systems (NIDS) from signature-based NIDS to a novel NIDS based on the general state of the SCADA control system. One of the most recent NIDS is the Modbus/DNP3 state-based NIDS, which is a significant improvement toward detecting complicated attacks on SCADA systems. In this paper we investigate the pros and cons of the Modbus/DNP3 state-based NIDS and introduce a new technique to address the limitations and weaknesses of this existing technology. We call our proposed enhancement the SCADA Full-State Network Intrusion and Malfunction Detection System (NIMDS). It functions by monitoring SCADA's behavior and double-checking the control process.

Item Type

http://purl.org/coar/resource_type/c_1843

Language

en
