Regular Paper
NIPAD: a non-invasive power-based anomaly detection scheme for programmable logic controllers
Yu-jun Xiao, Wen-yuan Xu, Zhen-hua Jia, Zhuo-ran Ma, Dong-lian Qi
School of Electrical Engineering, Zhejiang University, Hangzhou 310027, China; Wireless Information Network Laboratory, Rutgers University, North Brunswick, NJ 08902, USA |

References

[1] Alcaraz, C., Zeadally, S., 2013. Critical control system protection in the 21st century. Computer, 46(10):74-83. doi: 10.1109/MC.2013.69
[2] Alcaraz, C., Zeadally, S., 2015. Critical infrastructure protection: requirements and challenges for the 21st century. Int. J. Crit. Infrastr. Protect., 8:53-66. doi: 10.1016/j.ijcip.2014.12.002
[3] Bencsáth, B., Pék, G., Buttyán, L., et al., 2012. The cousins of Stuxnet: Duqu, Flame, and Gauss. Fut. Int., 4(4):971-1003. doi: 10.3390/fi4040971
[4] Bolton, W., 2015. Programmable Logic Controllers (6th Ed.). Newnes, USA.
[5] Bullock, J., Conservatoire, U.C.E.B., 2007. LibXtract: a lightweight library for audio feature extraction. Proc. Int. Computer Music Conf., p.1-4.
[6] Candes, E.J., Tao, T., 2006. Near-optimal signal recovery from random projections: universal encoding strategies? IEEE Trans. Inform. Theory, 52(12):5406-5425. doi: 10.1109/TIT.2006.885507
[7] Cárdenas, A.A., Amin, S., Sastry, S., 2008. Research challenges for the security of control systems. Proc. 3rd Conf. on Hot Topics in Security, Article 6.
[8] Chen, T.M., Abu-Nimeh, S., 2011. Lessons from Stuxnet. Computer, 44(4):91-93. doi: 10.1109/MC.2011.115
[9] Clark, S.S., Ransford, B., Rahmati, A., et al., 2013. WattsUpDoc: power side channels to nonintrusively discover untargeted malware on embedded medical devices. Proc. USENIX Workshop on Health Information Technologies, p.1-11.
[10] Coletta, A., Armando, A., 2015. Security monitoring for industrial control systems. Proc. Conf. on Cybersecurity of Industrial Control Systems, p.48-62. doi: 10.1007/978-3-319-40385-4_4
[11] Dalal, N., Triggs, B., 2005. Histograms of oriented gradients for human detection. Proc. IEEE Computer Society Conf. on Computer Vision and Pattern Recognition, p.886-893. doi: 10.1109/CVPR.2005.177
[12] Formby, D., Srinivasan, P., Leonard, A., et al., 2016. Who’s in control of your control system? Device fingerprinting for cyber-physical systems. Proc. Network and Distributed System Security Symp., p.1-13.
[13] García-Teodoro, P., Díaz-Verdejo, J., Maciá-Fernández, G., et al., 2009. Anomaly-based network intrusion detection: techniques, systems and challenges. Comput. Secur., 28(1-2):18-28. doi: 10.1016/j.cose.2008.08.003
[14] Gers, F.A., Schmidhuber, J.A., Cummins, F., 2000. Learning to forget: continual prediction with LSTM. Neur. Comput., 12(10):2451-2471. doi: 10.1162/089976600300015015
[15] Gonzalez, C.A., Hinton, A., 2014. Detecting malicious software execution in programmable logic controllers using power fingerprinting. Proc. Int. Conf. on Critical Infrastructure Protection, p.15-27. doi: 10.1007/978-3-662-45355-1_2
[16] Johnson, R.E., 2010. Survey of SCADA security challenges and potential attack vectors. Proc. Int. Conf. for Internet Technology and Secured Transactions, p.1-5.
[17] Kesler, B., 2011. The vulnerability of nuclear facilities to cyber attack. Strat. Insights, 10(1):15-25.
[18] Krotofil, M., Gollmann, D., 2013. Industrial control systems security: what is happening? Proc. 11th IEEE Int. Conf. on Industrial Informatics, p.670-675. doi: 10.1109/INDIN.2013.6622964
[19] Langner, R., 2011. Stuxnet: dissecting a cyberwarfare weapon. IEEE Secur. Priv., 9(3):49-51. doi: 10.1109/MSP.2011.67
[20] Lee, H., Battle, A., Raina, R., et al., 2006. Efficient sparse coding algorithms. Proc. 19th Int. Conf. on Neural Information Processing Systems, p.801-808.
[21] Lowe, D.G., 2004. Distinctive image features from scale-invariant keypoints. Int. J. Comput. Vis., 60(2):91-110. doi: 10.1023/B:VISI.0000029664.99615.94
[22] Macaulay, T., Singer, B.L., 2011. Cybersecurity for Industrial Control Systems: SCADA, DCS, PLC, HMI, and SIS. CRC Press, USA.
[23] Malhotra, P., Vig, L., Shroff, G., et al., 2015. Long short term memory networks for anomaly detection in time series. Proc. European Symp. on Artificial Neural Networks, Computational Intelligence and Machine Learning, p.89-94.
[24] Manevitz, L.M., Yousef, M., 2002. One-class SVMs for document classification. J. Mach. Learn. Res., 2:139-154.
[25] Mantere, M., Uusitalo, I., Sailio, M., et al., 2012. Challenges of machine learning based monitoring for industrial control system networks. Proc. 26th Int. Conf. on Advanced Information Networking and Applications Workshops, p.968-972. doi: 10.1109/WAINA.2012.135
[26] Morris, T., Vaughn, R., Dandass, Y., 2012. A retrofit network intrusion detection system for MODBUS RTU and ASCII industrial control systems. Proc. 45th Hawaii Int. Conf. on System Science, p.2338-2345. doi: 10.1109/HICSS.2012.78
[27] Nandakumar, K., Jain, A.K., 2004. Local correlation-based fingerprint matching. Proc. ICVGIP, p.503-508.
[28] Ni, B., Moulin, P., Yang, X., et al., 2015. Motion part regularization: improving action recognition via trajectory group selection. Proc. IEEE Conf. on Computer Vision and Pattern Recognition, p.3698-3706. doi: 10.1109/CVPR.2015.7298993
[29] Pearson, K., 1901. Mathematical contributions to the theory of evolution. X. Supplement to a memoir on skew variation. Phil. Trans. R. Soc. A, 197:443-459.
[30] Peng, Y., Xiang, C., Gao, H., et al., 2015. Industrial control system fingerprinting and anomaly detection. Proc. Int. Conf. on Critical Infrastructure Protection, p.73-85. doi: 10.1007/978-3-319-26567-4_5
[31] Piggin, R., 2015. Are industrial control systems ready for the cloud? Int. J. Crit. Infrastr. Protect., 9(C):38-40. doi: 10.1016/j.ijcip.2014.12.005
[32] Ponomarev, S., Atkison, T., 2016. Industrial control system network intrusion detection by telemetry analysis. IEEE Trans. Depend. Sec. Comput., 13(2):252-260. doi: 10.1109/TDSC.2015.2443793
[33] Pretorius, B., van Niekerk, B., 2016. Cyber-security for ICS/SCADA: a South African perspective. Int. J. Cyber Warf. Terror., 6(3):1-16. doi: 10.4018/IJCWT.2016070101
[34] Shang, W., Zeng, P., Wan, M., et al., 2016. Intrusion detection algorithm based on OCSVM in industrial control system. Secur. Commun. Netw., 9(10):1040-1049. doi: 10.1002/sec.1398
[35] Slay, J., Miller, M., 2007. Lessons learned from the Maroochy water breach. Proc. Int. Conf. on Critical Infrastructure Protection, p.73-82. doi: 10.1007/978-0-387-75462-8_6
[36] Stone, S.J., Temple, M.A., Baldwin, R.O., 2015. Detecting anomalous programmable logic controller behavior using RF-based Hilbert transform features and a correlation-based verification process. Int. J. Crit. Infrastr. Protect., 9(C):41-51. doi: 10.1016/j.ijcip.2015.02.001
[37] Stouffer, K.A., Falco, J.A., Scarfone, K.A., 2011. Guide to Industrial Control Systems (ICS) Security: Supervisory Control and Data Acquisition (SCADA) Systems, Distributed Control Systems (DCS), and Other Control System Configurations such as Programmable Logic Controllers (PLC). Technical Report SP 800-82, National Institute of Standards and Technology, USA.
[38] Wang, H., Kläser, A., Schmid, C., et al., 2013. Dense trajectories and motion boundary descriptors for action recognition. Int. J. Comput. Vis., 103(1):60-79. doi: 10.1007/s11263-012-0594-8
[39] Xu, J., Yang, G., Man, H., et al., 2013. L1 graph based on sparse coding for feature selection. Proc. Int. Symp. on Neural Networks, p.594-601. doi: 10.1007/978-3-642-39065-4_71