Securing SCADA Critical Network Against Internal and External Threats

Anbal, Mounia El; Kalam, Anas Abou El; Benhadou, Siham; Moutaouakkil, Fouad; Medromi, Hicham

doi:10.1007/978-3-319-71368-7_29

Cited by 2 publications

(2 citation statements)

References 17 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In spite of advanced research on insider threats, challenges in validating and refining the detection models remain due to the absence of real-world data from organizations [13,139,196]. The lack of actual insider threat data is also a major challenge in assessing and developing insider threat…”

Section: Lack Of Real Datamentioning

confidence: 99%

“…Supervisory control and data acquisition systems (SCADA) constitute the critical infrastructures' sensitive parts. Each successful malicious incident could cause huge damages on materials economic and human [196]. Operators play an important role in SCADA systems, and their commands can have high impacts on the reliability of critical infrastructures.…”

Section: Insider Threats In Scadamentioning

confidence: 99%

See 1 more Smart Citation

A Review of Insider Threat Detection: Classification, Machine Learning Techniques, Datasets, Open Challenges, and Recommendations

et al. 2020

View full text Add to dashboard Cite

Insider threat has become a widely accepted issue and one of the major challenges in cybersecurity. This phenomenon indicates that threats require special detection systems, methods, and tools, which entail the ability to facilitate accurate and fast detection of a malicious insider. Several studies on insider threat detection and related areas in dealing with this issue have been proposed. Various studies aimed to deepen the conceptual understanding of insider threats. However, there are many limitations, such as a lack of real cases, biases in making conclusions, which are a major concern and remain unclear, and the lack of a study that surveys insider threats from many different perspectives and focuses on the theoretical, technical, and statistical aspects of insider threats. The survey aims to present a taxonomy of contemporary insider types, access, level, motivation, insider profiling, effect security property, and methods used by attackers to conduct attacks and a review of notable recent works on insider threat detection, which covers the analyzed behaviors, machine-learning techniques, dataset, detection methodology, and evaluation metrics. Several real cases of insider threats have been analyzed to provide statistical information about insiders. In addition, this survey highlights the challenges faced by other researchers and provides recommendations to minimize obstacles.

show abstract

Section: Lack Of Real Datamentioning

confidence: 99%

Section: Insider Threats In Scadamentioning

confidence: 99%