MELISSA: Towards automated detection of undesirable user actions in critical infrastructures

D. Hadziosmanovic, D. Bolzoni, P.H. Hartel, S. Etalle

Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

12 Citations (Scopus)
116 Downloads (Pure)

Abstract

We address the detection of process-related threats in control systems used in critical infrastructures. Process-related threats take place when an attacker gains user access rights and performs actions, which look legitimate, but which are intended to disrupt the industrial process. We use logs to detect anomalous patterns of user actions on process control application. A preliminary case study suggests that our approach is effective in detecting anomalous events that might alter the regular process workflow.
Original languageEnglish
Title of host publicationProceedings of the European Conference on Computer Network Defense (EC2ND, Gothenburg, Sweden, September 6-7, 2011)
PublisherIEEE Computer Society
Pages41-48
ISBN (Print)978-1-4673-2116-7
DOIs
Publication statusPublished - 2011

Fingerprint Dive into the research topics of 'MELISSA: Towards automated detection of undesirable user actions in critical infrastructures'. Together they form a unique fingerprint.

  • Cite this

    Hadziosmanovic, D., Bolzoni, D., Hartel, P. H., & Etalle, S. (2011). MELISSA: Towards automated detection of undesirable user actions in critical infrastructures. In Proceedings of the European Conference on Computer Network Defense (EC2ND, Gothenburg, Sweden, September 6-7, 2011) (pp. 41-48). IEEE Computer Society. https://doi.org/10.1109/EC2ND.2011.10