Security and protection of SCADA: a bigdata algorithmic approach

  • Authors:
  • R. K. Shyamasundar

  • Affiliations:
  • Tata Institute of Fundamental Research, Mumbai, India and National University of Singapore, Singapore

  • Venue:
  • Proceedings of the 6th International Conference on Security of Information and Networks
  • Year:
  • 2013

Abstract

Due to technological advances, it has been common practice for quite some time to use embedded computers for the monitoring and control of physical processes/plants. These are essentially networked computer-based systems consisting of application-specific control-processing systems, actuators, sensors etc., used for digitally controlling physical systems (often in a federated manner) within a defined geographical location such as power plants, chemical plants etc. Different terminologies like distributed control systems (DCS), cyber-physical systems (CPS), supervisory control and data acquisition systems (SCADA) etc., are used to denote similar usage. Technology has further made it possible to federate/integrate heterogeneous systems (even ones built by different manufacturers). While such capabilities have provided the needed flexibility and user convenience, they have also created challenges for system designers, not only from the correctness point of view but also from the point of view of security and protection of the underlying physical plants. With the arrival of complex malware, it has become very challenging to secure network and information systems from intruders and protect the systems from attackers. Recently, complex malware like Stuxnet, Flame etc., has specifically targeted SCADA of public infrastructures like power grids/plants, thus bringing to the forefront the challenges in securing and protecting SCADA. The above-mentioned malware is horrendously complex and hence needs a wholesome approach for detection and protection. In these scenarios, apart from classical IT security, there is a need to look at other plausible new attacks considering the domain of the physical systems in conjunction with the capabilities of the embedded computers, and arrive at methods of protection and risk evaluation.
In this paper, we shall describe an algorithmic data-intensive approach (referred to as the Bigdata approach) for protecting and securing SCADA from malware attacks. The approach is based on using the data used by control-system designers for making the system robust, and then reducing the security and protection problem of control systems, or SCADA in general, to the problem of monitoring distributed streaming data. We further show that the method is algorithmically scalable and argue that such algorithmic Bigdata approaches enable the securing and protection of IT-controlled public infrastructures.