A novel online state-based anomaly detection system for process control networks
Hamed Farsi, Ali Fanian and Zahra Taghiyarrenani
International Journal of Critical Infrastructure Protection, 2019, vol. 27, issue C
Abstract:
Industrial control networks are the core part of critical infrastructures such as the power grid and oil refineries. In recent years, the number of cyber-attacks on industrial control networks has been growing. Moreover, connecting industrial networks to the public network makes these critical infrastructures more vulnerable to cyber-attacks. Therefore, improving the security of these networks has attracted much attention. To protect industrial control networks, the proposed online method is able to detect anomalies with low computational time while not using prior knowledge about the system and anomalies. This method can adjust the severity of detection in order to efficiently detect changes which lead to anomalies; it can also be adapted to inevitable network changes by updating the anomaly threshold using the latest normal states. The proposed method finds anomalies in the network using high-pass filters and the Euclidean distance between the current state and the latest states. To evaluate the efficiency of the proposed approach, a boiler control system is simulated and three test datasets are provided from this simulation. The proposed intrusion detection system was evaluated on these datasets, as well as the SWaT dataset. The results show that the proposed approach is not only highly effective for detecting anomalies, but also adaptable to the normal variations in the network.
Keywords: Intrusion detection system; Industrial networks; Modbus/TCP; Anomaly detection
Date: 2019
Downloads: (external link)
http://www.sciencedirect.com/science/article/pii/S1874548219301209
Full text for ScienceDirect subscribers only
Persistent link: https://EconPapers.repec.org/RePEc:eee:ijocip:v:27:y:2019:i:c:s1874548219301209
DOI: 10.1016/j.ijcip.2019.100323
International Journal of Critical Infrastructure Protection is currently edited by Leon Strous
Bibliographic data for series maintained by Catherine Liu.