{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,11]],"date-time":"2024-09-11T09:08:47Z","timestamp":1726045727759},"publisher-location":"Cham","reference-count":29,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030312381"},{"type":"electronic","value":"9783030312398"}],"license":[{"start":{"date-parts":[[2019,9,25]],"date-time":"2019-09-25T00:00:00Z","timestamp":1569369600000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2020]]},"DOI":"10.1007\/978-3-030-31239-8_13","type":"book-chapter","created":{"date-parts":[[2019,9,24]],"date-time":"2019-09-24T10:03:26Z","timestamp":1569319406000},"page":"153-168","update-policy":"http:\/\/dx.doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":3,"title":["A Specification-Based Intrusion Prevention System for Malicious Payloads"],"prefix":"10.1007","author":[{"given":"Aaron","family":"Werth","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Thomas H.","family":"Morris","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2019,9,25]]},"reference":[{"key":"13_CR1","unstructured":"Chromik, J.J., Remke, A., Haverkort, B.R.: What\u2019s under the hood?"},{"key":"13_CR2","unstructured":"Improving SCADA security with process awareness. In: Joint Workshop on Cyber-Physical Security and Resilience in Smart Grids (CPSR-SG), pp. 1\u20136. IEEE (2016)"},{"key":"13_CR3","doi-asserted-by":"crossref","unstructured":"Chromik, J.J., Remke, A., Haverkort, B.R.: Improving SCADA security of a local process with a power grid model. 
In: ICS-CSR (2016)","DOI":"10.14236\/ewic\/ICS2016.13"},{"key":"13_CR4","doi-asserted-by":"crossref","unstructured":"Lin, H., Slagell, A., Kalbarczyk, Z., Sauer, P.W., Iyer, R.K.: Semantic security analysis of SCADA networks to detect malicious control commands in power grids. In: Proceedings of the First ACM Workshop on Smart Energy Grid Security, pp. 29\u201334. ACM, (2013)","DOI":"10.1145\/2516930.2516947"},{"key":"13_CR5","doi-asserted-by":"publisher","first-page":"163","DOI":"10.1109\/TSG.2016.2547742","volume":"9","author":"H Lin","year":"2016","unstructured":"Lin, H., Slagell, A., Kalbarczyk, Z., Sauer, P., Iyer, R.: Runtime semantic security analysis to detect and mitigate control-related attacks in power grids. IEEE Trans. Smart Grid 9, 163\u2013178 (2016)","journal-title":"IEEE Trans. Smart Grid"},{"key":"13_CR6","doi-asserted-by":"crossref","unstructured":"Etigowni, S., Tian, D.J., Hernandez, G., Zonouz, S., Butler, K.: CPAC: securing critical infrastructure with cyber-physical access control. In: Proceedings of the 32nd Annual Conference on Computer Security Applications, pp. 139\u2013152. ACM (2016)","DOI":"10.1145\/2991079.2991126"},{"key":"13_CR7","doi-asserted-by":"crossref","unstructured":"Had\u017eiosmanovi\u0107, D., Sommer, R., Zambon, E., Hartel, P.H.: Through the eye of the PLC: semantic security monitoring for industrial processes. In: Proceedings of the 30th Annual Computer Security Applications Conference, pp. 126\u2013135. ACM (2014)","DOI":"10.1145\/2664243.2664277"},{"key":"13_CR8","unstructured":"McLaughlin, S.: On dynamic malware payloads aimed at programmable logic controllers. In: Proceedings of the 6th USENIX Conference on Hot Topics in Security, HotSec 2011, Berkeley, CA, USA, p. 10. USENIX Association (2011)"},{"key":"13_CR9","doi-asserted-by":"crossref","unstructured":"McLaughlin, S.: Cps: stateful policy enforcement for control system device usage. 
In: Proceedings of the 29th Annual Computer Security Applications Conference, ACSAC 2013, pp. 109\u2013118. ACM (2013)","DOI":"10.1145\/2523649.2523673"},{"key":"13_CR10","doi-asserted-by":"crossref","unstructured":"McLaughlin, S., McDaniel, P.: SABOT: specification-based payload generation for programmable logic controllers. In: ACM Conference on Computer and Communications Security, pp. 439\u2013449. ACM (2012)","DOI":"10.1145\/2382196.2382244"},{"key":"13_CR11","volume-title":"System Identification: Theory for the User","author":"L Ljung","year":"1987","unstructured":"Ljung, L.: System Identification: Theory for the User. Prentice-Hall, Upper Saddle River (1987)"},{"key":"13_CR12","doi-asserted-by":"publisher","first-page":"138","DOI":"10.1007\/978-3-642-14379-3_12","volume-title":"Critical Information Infrastructures Security","author":"Andrea Carcano","year":"2010","unstructured":"Carcano, A., Fovino, I.N., Masera, M., Trombetta, A.: State-based network intrusion detection systems for SCADA protocols: a proof of concept. In: International Workshop on Critical Information Infrastructures Security, pp. 138\u2013150. Springer, Heidelberg (2009)"},{"key":"13_CR13","doi-asserted-by":"crossref","unstructured":"C\u00e1rdenas, A.A., Amin, S., Lin, Z.-S., Huang, Y.-L., Huang, C.-Y., Sastry, S.: Attacks against process control systems: risk assessment, detection, and response. In: Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security, pp. 355\u2013366. ACM (2011)","DOI":"10.1145\/1966913.1966959"},{"key":"13_CR14","unstructured":"Zhu, B., Sastry, S.: SCADA-specific intrusion detection\/prevention systems: a survey and taxonomy. In: Proceedings of the 1st Workshop on Secure Control Systems (SCS), vol. 11, p. 
7 (2010)"},{"issue":"4","key":"13_CR15","doi-asserted-by":"publisher","first-page":"55","DOI":"10.1145\/2542049","volume":"46","author":"R Mitchell","year":"2014","unstructured":"Mitchell, R., Chen, I.-R.: A survey of intrusion detection techniques for cyber-physical systems. ACM Comput. Surv. (CSUR) 46(4), 55 (2014)","journal-title":"ACM Comput. Surv. (CSUR)"},{"key":"13_CR16","doi-asserted-by":"publisher","first-page":"1674","DOI":"10.1016\/j.neucom.2017.10.009","volume":"275","author":"D Ding","year":"2018","unstructured":"Ding, D., Han, Q.-L., Xiang, Y., Ge, X., Zhang, X.-M.: A survey on security control and attack detection for industrial cyber-physical systems. Neurocomputing 275, 1674\u20131683 (2018)","journal-title":"Neurocomputing"},{"issue":"1","key":"13_CR17","first-page":"3","volume":"9","author":"W Gao","year":"2014","unstructured":"Gao, W., Morris, T.H.: On cyber attacks and signature based intrusion detection for modbus based industrial control systems. J. Digit. Forensics Secur. Law 9(1), 3 (2014)","journal-title":"J. Digit. Forensics Secur. Law"},{"key":"13_CR18","doi-asserted-by":"publisher","first-page":"531","DOI":"10.1016\/j.cose.2018.05.002","volume":"77","author":"T Alves","year":"2018","unstructured":"Alves, T., Das, R., Werth, A., Morris, T.: Virtualization of SCADA testbeds for cybersecurity research: a modular approach. Comput. Secur. 77, 531\u2013546 (2018)","journal-title":"Comput. Secur."},{"key":"13_CR19","volume-title":"Malicious Control System Cyber Security Attack Case Study\u2013Maroochy Water Services, Australia","author":"M Abrams","year":"2008","unstructured":"Abrams, M., Weiss, J.: Malicious Control System Cyber Security Attack Case Study\u2013Maroochy Water Services, Australia. The MITRE Corporation, McLean (2008)"},{"issue":"5","key":"13_CR20","doi-asserted-by":"publisher","first-page":"76","DOI":"10.1109\/MIS.2005.89","volume":"20","author":"J. 
Yen","year":"2005","unstructured":"Taipale, K., Cybenko, G., Yen, J., Rosenzweig, P., Sweeney, L., Popp, R.: Homeland security. IEEE Intell. Syst. 20(5), 76\u201386 (2005)","journal-title":"IEEE Intelligent Systems"},{"key":"13_CR21","first-page":"110","volume-title":"Computer Security","author":"Naman Govil","year":"2017","unstructured":"Govil, N., Agrawal, A., Tippenhauer, N.O.: On ladder logic bombs in industrial control systems. In: Computer Security, pp. 110\u2013126. Springer, Cham (2017)"},{"key":"13_CR22","doi-asserted-by":"crossref","unstructured":"Dempsey, K.L., Witte, G.A., Rike, D.: Summary of NIST SP 800-53, Revision 4: Security and Privacy Controls for Federal Information Systems and Organizations. No. Computer Security Resource Center (2014)","DOI":"10.6028\/NIST.CSWP.02192014"},{"issue":"4","key":"13_CR23","doi-asserted-by":"publisher","first-page":"7","DOI":"10.1109\/MDAT.2017.2709310","volume":"34","author":"J Giraldo","year":"2017","unstructured":"Giraldo, J., Sarkar, E., Cardenas, A.A., Maniatakos, M., Kantarcioglu, M.: Security and privacy in cyber-physical systems: a survey of surveys. IEEE Design Test 34(4), 7\u201317 (2017)","journal-title":"IEEE Design Test"},{"issue":"3","key":"13_CR24","doi-asserted-by":"publisher","first-page":"73","DOI":"10.1016\/j.ijcip.2009.06.001","volume":"2","author":"Y-L Huang","year":"2009","unstructured":"Huang, Y.-L., C\u00e1rdenas, A.A., Amin, S., Lin, Z.-S., Tsai, H.-Y., Sastry, S.: Understanding the physical and economic consequences of attacks on control systems. Int. J. Crit. Infrastruct. Prot. 2(3), 73\u201383 (2009)","journal-title":"Int. J. Crit. Infrastruct. 
Prot."},{"issue":"4","key":"13_CR25","doi-asserted-by":"publisher","first-page":"76","DOI":"10.1145\/3203245","volume":"51","author":"J Giraldo","year":"2018","unstructured":"Giraldo, J., Urbina, D., Cardenas, A., Valente, J., Faisal, M., Ruths, J., Tippenhauer, N.O., Sandberg, H., Candell, R.: A survey of physics-based attack detection in cyber-physical systems. ACM Comput. Surv. (CSUR) 51(4), 76 (2018)","journal-title":"ACM Comput. Surv. (CSUR)"},{"key":"13_CR26","unstructured":"The industrial control system cyber kill chain. SANS Institute"},{"key":"13_CR27","unstructured":"Lee, E.A.: Cyber-physical systems-are computing foundations adequate. In: Position Paper for NSF Workshop on Cyber-Physical Systems: Research Motivation, Techniques and Roadmap, vol. 2, pp. 1\u20139. Citeseer (2006)"},{"issue":"3","key":"13_CR28","doi-asserted-by":"publisher","first-page":"49","DOI":"10.1109\/MSP.2011.67","volume":"9","author":"Ralph Langner","year":"2011","unstructured":"Langner, R.: Stuxnet: dissecting a cyberwarfare weapon. IEEE Secur. Priv. 9(3), 49\u201351 (2011)","journal-title":"IEEE Security & Privacy Magazine"},{"key":"13_CR29","unstructured":"Alert (IR-ALERT-H-16-056-01). ICS. \n                    https:\/\/ics-cert.us-cert.gov\/alerts\/IR-ALERT-H-16-056-01\n                    \n                  . 
Accessed 29 May 2019"}],"container-title":["Advances in Intelligent Systems and Computing","National Cyber Summit (NCS) Research Track"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-31239-8_13","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,9,24]],"date-time":"2019-09-24T10:13:49Z","timestamp":1569320029000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-31239-8_13"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019,9,25]]},"ISBN":["9783030312381","9783030312398"],"references-count":29,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-31239-8_13","relation":{},"ISSN":["2194-5357","2194-5365"],"issn-type":[{"type":"print","value":"2194-5357"},{"type":"electronic","value":"2194-5365"}],"subject":[],"published":{"date-parts":[[2019,9,25]]},"assertion":[{"value":"25 September 2019","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"NCS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"National Cyber Summit","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Huntsville, AL","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"USA","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2019","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"4 June 2019","order":7,"name":"conference_start_date","label":"Conference Start 
Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"6 June 2019","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"ncs2019","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/www.nationalcybersummit.com\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}