{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,4,10]],"date-time":"2025-04-10T05:12:43Z","timestamp":1744261963563,"version":"3.40.3"},"publisher-location":"Cham","reference-count":27,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030215675"},{"type":"electronic","value":"9783030215682"}],"license":[{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2019]]},"DOI":"10.1007\/978-3-030-21568-2_9","type":"book-chapter","created":{"date-parts":[[2019,5,28]],"date-time":"2019-05-28T22:13:31Z","timestamp":1559081611000},"page":"175-195","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":6,"title":["Hide and Seek: An Architecture for Improving Attack-Visibility in Industrial Control Systems"],"prefix":"10.1007","author":[{"given":"Jairo","family":"Giraldo","sequence":"first","affiliation":[]},{"given":"David","family":"Urbina","sequence":"additional","affiliation":[]},{"given":"Alvaro A.","family":"Cardenas","sequence":"additional","affiliation":[]},{"given":"Nils Ole","family":"Tippenhauer","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2019,5,29]]},"reference":[{"key":"9_CR1","unstructured":"Abrams, M., Weiss, J.: Malicious control system cyber security attack case study-Maroochy water services, Australia. The MITRE Corporation, McLean (2008)"},{"key":"9_CR2","unstructured":"Ahmed, C.M., et al.: NoisePrint: attack detection using sensor and process noise fingerprint in cyber physical systems. In: Proceedings of the 2018 on Asia Conference on Computer and Communications Security, pp. 483\u2013497. ACM (2018)"},{"key":"9_CR3","unstructured":"Brooks, P.: EtherNet\/IP: industrial protocol white paper. Technical report, Rockwell Automation (2001)"},{"issue":"2","key":"9_CR4","doi-asserted-by":"publisher","first-page":"179","DOI":"10.1109\/TII.2010.2099234","volume":"7","author":"A Carcano","year":"2011","unstructured":"Carcano, A., Coletta, A., Guglielmi, M., Masera, M., Fovino, I.N., Trombetta, A.: A multidimensional critical state analysis for detecting intrusions in SCADA systems. IEEE Trans. Ind. Inform. 7(2), 179\u2013186 (2011)","journal-title":"IEEE Trans. Ind. Inform."},{"key":"9_CR5","doi-asserted-by":"crossref","unstructured":"Cardenas, A.A., Amin, S., Lin, Z.S., Huang, Y.L., Huang, C.Y., Sastry, S.: Attacks against process control systems: risk assessment, detection, and response. In: Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security, pp. 355\u2013366 (2011)","DOI":"10.1145\/1966913.1966959"},{"key":"9_CR6","unstructured":"Caselli, M., Zambon, E., Amann, J., Sommer, R., Kargl, F.: Specification mining for intrusion detection in networked control systems. In: 25th USENIX Security Symposium (USENIX Security 2016), pp. 791\u2013806 (2016)"},{"key":"9_CR7","unstructured":"Cheng, L., Tian, K., Yao, D., Sha, L., Beyah, R.A.: Checking is believing: event-aware program anomaly detection in cyber-physical systems. IEEE Trans. Dependable Secur. Comput. (2019)"},{"key":"9_CR8","unstructured":"Cheung, S., Dutertre, B., Fong, M., Lindqvist, U., Skinner, K., Valdes, A.: Using model-based intrusion detection for SCADA networks. In: Proceedings of the SCADA Security Scientific Symposium, vol. 46, pp. 1\u201312 (2007)"},{"key":"9_CR9","unstructured":"Falliere, N., Murchu, L.O., Chien, E.: W32: stuxnet dossier. White paper, symantec corp., security response (2011)"},{"key":"9_CR10","doi-asserted-by":"crossref","unstructured":"Gerdes, R.M., Winstead, C., Heaslip, K.: CPS: an efficiency-motivated attack against autonomous vehicular transportation. In: Proceedings of the 29th Annual Computer Security Applications Conference, pp. 99\u2013108. ACM (2013)","DOI":"10.1145\/2523649.2523658"},{"key":"9_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"354","DOI":"10.1007\/978-3-642-33338-5_18","volume-title":"Research in Attacks, Intrusions, and Defenses","author":"D Had\u017eiosmanovi\u0107","year":"2012","unstructured":"Had\u017eiosmanovi\u0107, D., Simionato, L., Bolzoni, D., Zambon, E., Etalle, S.: N-gram against the machine: on the feasibility of the N-gram network analysis for binary protocols. In: Balzarotti, D., Stolfo, S.J., Cova, M. (eds.) RAID 2012. LNCS, vol. 7462, pp. 354\u2013373. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-33338-5_18"},{"key":"9_CR12","doi-asserted-by":"crossref","unstructured":"Had\u017eiosmanovi\u0107, D., Sommer, R., Zambon, E., Hartel, P.H.: Through the eye of the PLC: semantic security monitoring for industrial processes. In: Proceedings of the 30th Annual Computer Security Applications Conference, pp. 126\u2013135. ACM (2014)","DOI":"10.1145\/2664243.2664277"},{"issue":"3","key":"9_CR13","doi-asserted-by":"publisher","first-page":"49","DOI":"10.1109\/MSP.2011.67","volume":"9","author":"R Langner","year":"2011","unstructured":"Langner, R.: Stuxnet: dissecting a cyberwarfare weapon. IEEE Secur. Priv. 9(3), 49\u201351 (2011)","journal-title":"IEEE Secur. Priv."},{"key":"9_CR14","unstructured":"Langner, R.: To kill a centrifuge: a technical analysis of what stuxnet\u2019s creators tried to achieve. Langner Group, Arlington (2013)"},{"key":"9_CR15","unstructured":"Lee, R.M., Assante, M.J., Conway, T.: Analysis of the cyber attack on the ukrainian power grid. Technical report, SANS Industrial Control Systems, March 2016"},{"key":"9_CR16","doi-asserted-by":"crossref","unstructured":"Liu, Y., Ning, P., Reiter, M.K.: False data injection attacks against state estimation in electric power grids. In: Proceedings of the 16th ACM Conference on Computer and Communications Security, pp. 21\u201332. ACM (2009)","DOI":"10.1145\/1653662.1653666"},{"key":"9_CR17","doi-asserted-by":"publisher","unstructured":"Mathur, A., Tippenhauer, N.O.: SWaT: a water treatment testbed for research and training on ICS security. In: Proceedings of Workshop on Cyber-Physical Systems for Smart Water Networks (CySWater), April 2016. https:\/\/doi.org\/10.1109\/CySWater.2016.7469060","DOI":"10.1109\/CySWater.2016.7469060"},{"key":"9_CR18","doi-asserted-by":"crossref","unstructured":"McLaughlin, S.: CPS: stateful policy enforcement for control system device usage. In: Proceedings of the 29th Annual Computer Security Applications Conference, ACSAC 2013, pp. 109\u2013118. ACM, New York (2013)","DOI":"10.1145\/2523649.2523673"},{"issue":"4","key":"9_CR19","doi-asserted-by":"publisher","first-page":"55:1","DOI":"10.1145\/2542049","volume":"46","author":"R Mitchell","year":"2014","unstructured":"Mitchell, R., Chen, I.R.: A survey of intrusion detection techniques for cyber-physical systems. ACM Comput. Surv. 46(4), 55:1\u201355:29 (2014)","journal-title":"ACM Comput. Surv."},{"issue":"11","key":"9_CR20","doi-asserted-by":"publisher","first-page":"2715","DOI":"10.1109\/TAC.2013.2266831","volume":"58","author":"F Pasqualetti","year":"2013","unstructured":"Pasqualetti, F., Dorfler, F., Bullo, F.: Attack detection and identification in cyber-physical systems. IEEE Trans. Autom. Control 58(11), 2715\u20132729 (2013)","journal-title":"IEEE Trans. Autom. Control"},{"key":"9_CR21","doi-asserted-by":"crossref","unstructured":"Teixeira, A., P\u00e9rez, D., Sandberg, H., Johansson, K.H.: Attack models and scenarios for networked control systems. In: Proceedings of the 1st International Conference on High Confidence Networked Systems, pp. 55\u201364. ACM (2012)","DOI":"10.1145\/2185505.2185515"},{"key":"9_CR22","doi-asserted-by":"crossref","unstructured":"Teixeira, A., Shames, I., Sandberg, H., Johansson, K.H.: Revealing stealthy attacks in control systems. In: 2012 50th Annual Allerton Conference on Communication, Control, and Computing (Allerton), pp. 1806\u20131813. IEEE (2012)","DOI":"10.1109\/Allerton.2012.6483441"},{"key":"9_CR23","doi-asserted-by":"publisher","unstructured":"Urbina, D., et al.: Limiting the impact of stealthy attacks on industrial control systems. In: Proceedings of the ACM Conference on Computer and Communications Security (CCS), October 2016. https:\/\/doi.org\/10.1145\/2976749.2978388","DOI":"10.1145\/2976749.2978388"},{"issue":"2","key":"9_CR24","doi-asserted-by":"publisher","first-page":"141","DOI":"10.1016\/0166-3615(94)90017-5","volume":"24","author":"TJ Williams","year":"1994","unstructured":"Williams, T.J.: The purdue enterprise reference architecture. Comput. Ind. 24(2), 141\u2013158 (1994)","journal-title":"Comput. Ind."},{"key":"9_CR25","unstructured":"Python bindings for libnetfilter$$\\_$$queue, February 2017. https:\/\/github.com\/fqrouter\/python-netfilterqueue"},{"key":"9_CR26","unstructured":"Python Language: version 2.7.10, February 2017. https:\/\/docs.python.org\/2\/"},{"key":"9_CR27","unstructured":"Scapy Packet Manupulation Program: version 2.3.1, February 2017. http:\/\/www.secdev.org\/projects\/scapy\/doc\/"}],"container-title":["Lecture Notes in Computer Science","Applied Cryptography and Network Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-21568-2_9","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,5,29]],"date-time":"2024-05-29T00:04:05Z","timestamp":1716941045000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-21568-2_9"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019]]},"ISBN":["9783030215675","9783030215682"],"references-count":27,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-21568-2_9","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2019]]},"assertion":[{"value":"29 May 2019","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ACNS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Applied Cryptography and Network Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Bogota","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Colombia","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2019","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"5 June 2019","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"7 June 2019","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"17","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"acns2019","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/www.acns19.com\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"easychair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"111","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"29","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"26% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"6","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"From the ACNS 2019 associated workshops, 10 out of 30 submitted papers were accepted for publication","order":10,"name":"additional_info_on_review_process","label":"Additional Info on Review Process","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}