Abstract
A cyber attack launched on a critical infrastructure (CI), such as a power grid or a water treatment plant, could lead to anomalous behavior. There exist several methods to detect such behavior. This paper reports on a study conducted to compare two methods for detecting anomalies in CI. One of these methods, referred to as design-centric, generates invariants from the design of a CI. Another method, referred to as data-centric, generates the invariants from data collected from an operational CI. The key question that motivated the study is “How do design and data-centric methods compare in the effectiveness of the generated invariants in detecting process anomalies.” The data-centric approach used Association Rule Mining for generating invariants from operational data. These invariants, and their performance in detecting anomalies, was compared against those generated by a design-centric approach reported in the literature. The entire study was conducted in the context of an operational scaled down version of a water treatment plant.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callMore From: International Journal of Critical Infrastructure Protection
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
