SRI Logo
About Us|R and D Divisions|Careers|Newsroom|Contact Us|SRI Home
  SRI Logo

Intrusion Monitoring in Process Control Systems
 by Dr. Steven Cheung & Alfonso Valdes.

From Proceedings of the 42nd Hawaii International Conference on System Sciences.
Big Island, Hawaii.
January 5-8, 2009.
IEEE Computer Society Press.

To protect process control networks from cyber intrusions, preventive security measures such as perimeter defenses (for example, network firewalls and demilitarized zones) and secure versions of process control network protocols have been increasingly adopted or proposed. Although system hardening and fixing known vulnerabilities of existing systems are crucial to secure process control systems, intrusion monitoring is essential to ensure that the preventive measures are not compromised or bypassed. Our approach involves a multilayer security architecture for monitoring process control systems to achieve accurate and effective situational awareness. Also, we leverage some of the characteristics of process control systems such as the regularity of network traffic patterns to perform intrusion detection, with the potential to detect unknown attacks. To facilitate human analysts to gain a better understanding of anomalous network traffic patterns, we present a visualization tool that supports multiple user-customizable views and animation for analyzing network packet traces.
BibTEX Entry
  author =       "Alfonso Valdes and Steven Cheung",
  title =        "Intrusion Monitoring in Process Control Systems",
  booktitle =    "Proceedings of the $42^{nd}$ Hawaii International 
                  Conference on System Sciences",
  address =      "Big Island, Hawaii",
  month =        jan # "~5--8,",
  year =         2009


About Us  |  R&D Divisions  |  Careers  |  Newsroom  |  Contact Us
© 2024 SRI International 333 Ravenswood Avenue, Menlo Park, CA 94025-3493
SRI International is an independent, nonprofit corporation. Privacy policy