Supervisory control and data acquisition systems are extensively used in the critical infrastructure domain for controlling and managing large-scale industrial applications. This thesis presents a security management structure developed to protect ICS networks from security intrusions. This structure is formed by a combination of several modules for monitoring system-utilization parameters, data processing, detection of known attacks, forensic analysis to support against unknown attacks, estimation of control system-specific variables, and launch of appropriate protection methods. The best protection method to launch in case of an attack is chosen by a multi-criteria analysis controller based on operational costs and efficiency. A time-series ARIMA model is utilized to estimate the future state of the system and to protect it against cyber intrusions. Signature and performance based detection techniques assist in real-time identification of attacks with little or no human intervention. Simulation results for Scanning, Denial of Service and Injection attacks are provided.
Identifer | oai:union.ndltd.org:MSSTATE/oai:scholarsjunction.msstate.edu:td-5750 |
Date | 14 August 2015 |
Creators | Trivedi, Madhulika |
Publisher | Scholars Junction |
Source Sets | Mississippi State University |
Detected Language | English |
Type | text |
Format | application/pdf |
Source | Theses and Dissertations |
Page generated in 0.0019 seconds