Network Traffic Features for Anomaly Detection in Specific Industrial Control System Network
Matti Mantere, Mirko Sailio and Sami Noponen
Additional contact information
Matti Mantere: VTT Technical Research Centre of Finland, Kaitovayla 1, Oulu 90571, Finland
Mirko Sailio: VTT Technical Research Centre of Finland, Kaitovayla 1, Oulu 90571, Finland
Sami Noponen: VTT Technical Research Centre of Finland, Kaitovayla 1, Oulu 90571, Finland
Future Internet, 2013, vol. 5, issue 4, 1-14
Abstract:
The deterministic and restricted nature of industrial control system networks sets them apart from more open networks, such as local area networks in office environments. This improves the usability of network security monitoring approaches that would be less feasible in more open environments. One such approach is machine-learning-based anomaly detection. Without proper customization for the special requirements of the industrial control system network environment, many existing anomaly or misuse detection systems will perform sub-optimally. A machine-learning-based approach could reduce the amount of manual customization required for different industrial control system networks. In this paper we analyze a possible set of features to be used in a machine-learning-based anomaly detection system in the real-world industrial control system network environment under investigation. The network under investigation is represented by an architectural drawing and results derived from network trace analysis. The network trace is captured from a live running industrial process control network and includes both control data and the data flowing between the control network and the office network. We limit the investigation to the IP traffic in the traces.
Keywords: industrial control systems; anomaly detection; machine learning; network security
JEL-codes: O3
Date: 2013
Downloads:
https://www.mdpi.com/1999-5903/5/4/460/pdf (application/pdf)
https://www.mdpi.com/1999-5903/5/4/460/ (text/html)
Persistent link: https://EconPapers.repec.org/RePEc:gam:jftint:v:5:y:2013:i:4:p:460-473:d:29083
Future Internet is currently edited by Ms. Grace You
Bibliographic data for series maintained by MDPI Indexing Manager.