Classification and detection of computer intrusions
Classification and detection of computer intrusions
A Quantitative Model of the Security Intrusion Process Based on Attacker Behavior
IEEE Transactions on Software Engineering
A process control approach to cyber attack detection
Communications of the ACM
Network Security for Substation Automation Systems
SAFECOMP '01 Proceedings of the 20th International Conference on Computer Safety, Reliability and Security
Hacking Exposed: Network Security Secrets and Solutions, Fourth Edition
Hacking Exposed: Network Security Secrets and Solutions, Fourth Edition
The Role of Utility Communications in a Deregulated Environment
HICSS '99 Proceedings of the Thirty-Second Annual Hawaii International Conference on System Sciences-Volume 3 - Volume 3
Model-Based Evaluation: From Dependability to Security
IEEE Transactions on Dependable and Secure Computing
Risk-based Systems Security Engineering: Stopping Attacks with Intention
IEEE Security and Privacy
Position Statement: Methodology to Support Dependable Survivable Cyber-Secure Infrastructures
HICSS '05 Proceedings of the Proceedings of the 38th Annual Hawaii International Conference on System Sciences - Volume 09
Toward Econometric Models of the Security Risk from Remote Attack
IEEE Security and Privacy
Securing SCADA Systems
Attacking information visualization system usability overloading and deceiving the human
SOUPS '05 Proceedings of the 2005 symposium on Usable privacy and security
Trends in Process Control Systems Security
IEEE Security and Privacy
Performance Analysis of TCP/AQM Under Denial-of-Service Attacks
MASCOTS '05 Proceedings of the 13th IEEE International Symposium on Modeling, Analysis, and Simulation of Computer and Telecommunication Systems
Defense trees for economic evaluation of security investments
ARES '06 Proceedings of the First International Conference on Availability, Reliability and Security
North America's Electricity Infrastructure: Are We Ready for More Perfect Storms?
IEEE Security and Privacy
A spatiotemporal event correlation approach to computer security
A spatiotemporal event correlation approach to computer security
Palm line extraction and matching for personal authentication
IEEE Transactions on Systems, Man, and Cybernetics, Part A: Systems and Humans
Automatically detecting criminal identity deception: an adaptive detection algorithm
IEEE Transactions on Systems, Man, and Cybernetics, Part A: Systems and Humans
Covariance-Matrix Modeling and Detecting Various Flooding Attacks
IEEE Transactions on Systems, Man, and Cybernetics, Part A: Systems and Humans
A Formal Virtual Enterprise Access Control Model
IEEE Transactions on Systems, Man, and Cybernetics, Part A: Systems and Humans
SCADA security device: design and implementation
Proceedings of the Seventh Annual Workshop on Cyber Security and Information Intelligence Research
Hi-index | 0.00 |
Disruption of electric power operations can be catastrophic on national security and the economy. Due to the complexity of widely dispersed assets and the interdependences among computer, communication, and power infrastructures, the requirement to meet security and quality compliance on operations is a challenging issue. In recent years, the North American Electric Reliability Corporation (NERC) established a cybersecurity standard that requires utilities' compliance on cybersecurity of control systems. This standard identifies several cyber-related vulnerabilities that exist in control systems and recommends several remedial actions (e.g., best practices). In this paper, a comprehensive survey on cybersecurity of critical infrastructures is reported. A supervisory control and data acquisition security framework with the following four major components is proposed: 1) real-time monitoring; 2) anomaly detection; 3) impact analysis; and 4) mitigation strategies. In addition, an attack-tree-based methodology for impact analysis is developed. The attack-tree formulation based on power system control networks is used to evaluate system-, scenario-, and leaf-level vulnerabilities by identifying the system's adversary objectives. The leaf vulnerability is fundamental to the methodology that involves port auditing or password strength evaluation. The measure of vulnerabilities in the power system control framework is determined based on existing cybersecurity conditions, and then, the vulnerability indices are evaluated.