Advanced SearchSearch Tips
Whitelist-Based Anomaly Detection for Industrial Control System Security
facebook(new window)  Pirnt(new window) E-mail(new window) Excel Download
 Title & Authors
Whitelist-Based Anomaly Detection for Industrial Control System Security
Yoo, Hyunguk; Yun, Jeong-Han; Shon, Taeshik;
  PDF(new window)
Recent cyber attacks targeting control systems are getting sophisticated and intelligent notoriously. As the existing signature based detection techniques faced with their limitations, a whitelist model with security techniques is getting attention again. However, techniques that are being developed in a whitelist model used at the application level narrowly and cannot provide specific information about anomalism of various cases. In this paper, we classify abnormal cases that can occur in control systems of enterprises and propose a new whitelist model for detecting abnormal cases.
Industrial Control System;SCADA;Whitelist;Anomaly Detection;Cyber Attack Taxonomy;
 Cited by
제어프로토콜 퍼징 기반 열차제어시스템 취약점 검출 기법,김우년;장문수;서정택;김상욱;

한국통신학회논문지, 2014. vol.39C. 4, pp.362-369 crossref(new window)
데이터베이스에서 지정된 IP 주소 접근 금지를 위한 기능 설계,장승주;김성진;

한국통신학회논문지, 2014. vol.39C. 8, pp.716-721 crossref(new window)
전력 제어시스템에서 안전한 보안 인증을 위한 메커니즘 소개,박준용;민남홍;하기웅;유기순;송경영;

정보보호학회지, 2014. vol.24. 3, pp.44-53
망분리 환경에서의 보안관제 효율화 방안 연구,한창우;김휘강;김은진;

한국지식정보기술학회논문지, 2014. vol.9. 6, pp.805-819
DNP3에 적합한 발신 부인 방지 기법 제안과 그 구현,유기순;송경영;장민호;

한국통신학회논문지, 2015. vol.40. 5, pp.815-825 crossref(new window)
무기체계 임베디드 소프트웨어의 유지보수 체계 개선 및 정보보호체계 구축 방안,박철현;안훈상;김승규;배종호;

보안공학연구논문지, 2015. vol.12. 4, pp.363-378 crossref(new window)
온라인 게임 해킹대응에서 Signature 기반 탐지방법 개선에 관한 연구,이창선;유진호;

한국전자거래학회지, 2016. vol.21. 1, pp.105-118 crossref(new window)
A. Ginter, "An analysis of Whitelisting security solutions and their applicability in control systems," in SCADA Security Sci. Symp. (S4) 2010, Miami, U.S.A., Jan. 2010.

J. Yoon, W. Kim, and J. Seo, "Study on Technology Requirement using the Technological Trend of Security Products concerning Industrial Control System," J. Korea Inst. Inform. Security Crytology, vol. 22, no. 5, pp. 22-26, Aug. 2012.

B. Zhu, A. Joseph, and S. Sastry, "A taxonomy of cyber attacks on SCADA systems," in Proc. IEEE Int. Conf. Internet Things (iThings/CPSCom), pp. 308-388, Dalian, China, Oct. 2011.

I. N. Fovino, A. Coletta, and M. Masera, "Taxonomy of security solutions for the SCADA sector," ESCoRTS, Deliverable D22, Mar. 2010.

D.-J. Kang, J.-J. Lee, S.-J. Kim, and J.-H. Park, "Analysis on cyber threats to SCADA systems," in Proc. IEEE Transmission Distribution Conf. Expo.: Asia Pacific, pp. 1-4, Seoul, Korea, Oct. 2009.

M. Franz, "ICCP exposed: assessing the attack surface of the utility stack," in SCADA Security Sci. Symp. (S4), Miami, U.S.A., Jan. 2007.

Y. J. Won, "Fault detection, diagnosis, and prediction for IP-based industrial control networks," Ph.D. dissertation, Dept. Elect. Comput. Eng., Postech, Korea, Nov. 2009.

U.S. Homeland Security, "Common cybersecurity vulnerabilities in industrial control," Nat. Cyber Security Division, Control Syst. Security Program, May 2011.

IEC, "IEC 62351 part1 : communication network and system security - introduction to security issues," IEC TS 62351-1, May 2007.

Digital Bond, Quickdraw SCADA IDS, Retrieved June, 26, 2013, from

M. Jang, G. Lee, S. Kim, B.-G. Min, W.-N. Kim, and J. Seo, "Testing vulnerabilities of DNP3," J. Security Eng., vol. 7, no. 1, Feb. 2010.

X. Li, X. Liang, R. Lu, X. Shen, X. Lin, and H. Zhu, "Securing smart grid: cyber attacks," IEEE Commun. Mag., vol. 50, no. 8, pp. 38-45, Aug. 2012.