Abstract
As industrial control systems such as supervisory control and data acquisition (SCADA) systems are increasingly connected to corporate networks and the Internet, their security is greatly threatened. This paper studies the anomaly detection problem for SCADA systems, taking into account that their communication traffic is generally highly periodic. It proposes a method that automatically constructs an anomaly detection model for SCADA systems based on input/output (IO) address separation and spectrum analysis. The experiments were conducted on a network trace from a real SCADA testbed. The results show that the proposed method outperforms other modeling methods.
Authors
Pan Zhan (潘湛)
Ma Biao (马标)
Tang Wen (唐文)
Jia Juncheng (贾俊铖)
Zhang Zhonghao (张重豪)
Ma Hao (马浩)
Affiliations: School of Computer Science and Technology, Soochow University, Suzhou 215006, Jiangsu, China; Siemens, Ltd., Beijing 100102, China
Source
Computer Applications and Software (《计算机应用与软件》)
Peking University Core Journal (北大核心)
2022, Issue 4, pp. 343-349 (7 pages)
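Funding
China Postdoctoral Science Foundation (2017M611905)
Natural Science Research General Program of Jiangsu Higher Education Institutions (17KJB520034)
Suzhou Industrial Technology Innovation Special Project (People's Livelihood Science and Technology) (SS201701)
Priority Academic Program Development of Jiangsu Higher Education Institutions (PAPD)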