An Attack Detection Method of Industry Control System Based on Multi-dimension Abnormities
- DOI
- 10.2991/icmmct-17.2017.225How to use a DOI?
- Keywords
- Industrial Control System; multi-dimension abnormities; Redundant Relationship; Parallel Relationship
- Abstract
The existing attack detection methods cannot extract attack of industrial control system(ICS) correctly. In the view of that, we analyze the characteristics of ICS and proposes an attack detection method of ICS based on multi-dimension abnormities. First of all, we divide hosts into multiple dimensions according to business behavior characteristics of ICS. The multi-dimension abnormities could be used by attack detection method as input. Secondly, we use a hierarchical progress to detect attack because of the different relationships of multi-dimension abnormities. For redundant relationship, we use attribute similar method to extract the abnormal events; For parallel relationship, we use the improved native bayesian to do attack aggregation. Finally, we do a simulation experiment and it shows that our attack detection method has good detection effect.
- Copyright
- © 2017, the Authors. Published by Atlantis Press.
- Open Access
- This is an open access article distributed under the CC BY-NC license (http://creativecommons.org/licenses/by-nc/4.0/).
Cite this article
TY - CONF AU - Zihua Fan AU - Chaowen Chang AU - Dongcun Pan PY - 2017/04 DA - 2017/04 TI - An Attack Detection Method of Industry Control System Based on Multi-dimension Abnormities BT - Proceedings of the 2017 5th International Conference on Machinery, Materials and Computing Technology (ICMMCT 2017) PB - Atlantis Press SP - 1137 EP - 1145 SN - 2352-5401 UR - https://doi.org/10.2991/icmmct-17.2017.225 DO - 10.2991/icmmct-17.2017.225 ID - Fan2017/04 ER -