BROWSE
Detail
Conference Paper
Security Correlation Analysis System for Insider Threat Detection of Industrial Control System
Cited - time in 
Share 
Share
- Authors
- Young-jun Heo, Seon-gyoung Sohn, Jung-chan Na, Beom-hwan Chang
- Issue Date
- 2014-12
- Citation
- International Conference in Information Security and Digital Forensics (ISDF) 2014, pp.49-53
- Language
- English
- Type
- Conference Paper
- Abstract
- The security accident is increasing in industrial infrastructure. The security of industrial control system is caused not only by deliberate acts of external attacker but also by sometimes inadvertent threats of legitimate inner operator. The latter can ultimately have more devastating consequences. Industrial control system works deterministic and restrictive operation. The anomaly communication patterns may be relevant to attack activities or misconfiguration of operator. To detect these threats in industrial control system, we propose security data objects that describe operation and state of system and security correlation analysis system that collects and analyzes these objects and detects intrusion or anomaly state of system. Our approach may provide complementary detection ability for protecting internal threat of industrial infrastructure.
- KSP Keywords
- Communication patterns, Correlation Analysis, Detection ability, Industrial Control System(ICS), Insider threat detection, Internal threat, analysis system, security data