MEDUSA: Mining Events to Detect Undesirable uSer Actions in SCADA
暂无分享,去创建一个
Standard approaches for detecting malicious behaviors, e.g. monitoring network traffic, cannot address process-related threats in SCADA(Supervisory Control And Data Acquisition) systems. These threats take place when an attacker gains user access rights and performs actions which look legitimate, but which can disrupt the industrial process. We believe that it is possible to detect such behavior by analysing SCADA system logs. We present MEDUSA, an anomaly-based tool for detecting user actions that may negatively impact the system.
[1] Ning Lu,et al. Safeguarding SCADA Systems with Anomaly Detection , 2003, MMM-ACNS.
[2] Yacov Y. Haimes,et al. Risks of Terrorism to Information Technology and to Critical Interdependent Infrastructures , 2004 .