We outline an anomaly detection method for industrial control systems (ICS) that combines the analysis of network package contents that are transacted between ICS nodes and their time-series structure. Specifically, we take advantage of the predictable and regular nature of communication patterns that exist between so-called field devices in ICS networks. By observing a system for a period of time without the presence of anomalies we develop a base-line signature database for general packages. A Bloom filter is used to store the signature database which is then used for package content level anomaly detection. Furthermore, we approach time-series anomaly detection by proposing a stacked Long Short Term Memory (LSTM) network-based softmax classifier which learns to predict the most likely package signatures that are likely to occur given previously seen package traffic. Finally, by the inspection of a real dataset created from a gas pipeline SCADA system, we show that an anomaly detection scheme combining both approaches can achieve higher performance compared to various current state-of-the-art techniques.
Originally designed as self-contained and isolated networks, Industrial Control Systems (ICS) have evolved to become increasingly interconnected with IT systems and other wider networks and services, which enables cyber attacks to sabotage the normal operation of ICS. This paper proposes a simulation of attackers and defenders, who have limited resources that must be applied to either advancing the technology they have available to them or attempting to attack (defend) the system. The objective is to identify the appropriate deployment of a specific defensive strategy, such as Defense-in-depth and Critical Component Defense. The problem is represented as a strategic competitive optimisation problem, which is solved using a coevolutionary Particle Swarm Optimisation problem. Through the development of optimal defense strategies, it is possible to identify when each specific defensive strategy is most appropriate; where the optimal defensive strategy depends on the kind of attacker the system is expecting and the structure of the network.
The imprecision performance of HbA1c tests has been improved in these 5 years with the change in IQC practice, but it is still disappointing in China. Therefore, laboratories should actively find existing problems and take action to promote performance of HbA1c measurements.
Abstract. Industrial Control Systems (ICS) play a critical role in controlling industrial processes. Wide use of modern IT technologies enables cyber attacks to disrupt the operation of ICS. Advanced Persistent Threats (APT) are the most threatening attacks to ICS due to their long persistence and destructive cyber-physical effects to ICS. This paper considers a simulation of attackers and defenders of an ICS, where the defender must consider the cost-efficiency of implementing defensive measures within the system in order to create an optimal defense. The aim is to identify the appropriate deployment of a specific defensive strategy, such as defense-in-depth or critical component defense. The problem is represented as a strategic competitive optimisation problem, which is solved using a co-evolutionary particle swarm optimisation algorithm. Through the development of an optimal defense strategy, it is possible to identify when each specific defensive strategy is most appropriate; where the optimal defensive strategy depends on the resources available and the relative effectiveness of those resources.