{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,9]],"date-time":"2024-09-09T04:18:18Z","timestamp":1725855498961},"publisher-location":"Cham","reference-count":27,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319333304"},{"type":"electronic","value":"9783319333311"}],"license":[{"start":{"date-parts":[[2016,1,1]],"date-time":"2016-01-01T00:00:00Z","timestamp":1451606400000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2016]]},"DOI":"10.1007\/978-3-319-33331-1_11","type":"book-chapter","created":{"date-parts":[[2016,5,17]],"date-time":"2016-05-17T10:12:12Z","timestamp":1463479932000},"page":"132-144","source":"Crossref","is-referenced-by-count":6,"title":["A Statechart-Based Anomaly Detection Model for Multi-Threaded SCADA Systems"],"prefix":"10.1007","author":[{"given":"Amit","family":"Kleinmann","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Avishai","family":"Wool","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2016,5,18]]},"reference":[{"key":"11_CR1","unstructured":"Afcon Technologies: Pulse HMI Software (2015). Accessed 6 May 2015"},{"key":"11_CR2","doi-asserted-by":"crossref","unstructured":"Alcaraz, C., Cazorla, L., Fern\u00e1ndez, G.: Context-awareness using anomaly-based detectors for smart grid domains. In: Proceedings of the 9th International Conference on Risks, and Security of Internet and Systems (CRISIS), Trento, Italy, September 2014","DOI":"10.1007\/978-3-319-17127-2_2"},{"key":"11_CR3","doi-asserted-by":"crossref","unstructured":"Atassi, A., Elhajj, I.H., Chehab, A., Kayssi, A.: The State of the Art in Intrusion Prevention and Detection, Auerbach Publications. In: Intrusion Detection for SCADA Systems, pp. 211\u2013230. Auerbach Publications, January 2014","DOI":"10.1201\/b16390-12"},{"key":"11_CR4","doi-asserted-by":"crossref","unstructured":"Briesemeister, L., Cheung, S., Lindqvist, U., Valdes, A.: Detection, correlation, and visualization of attacks against critical infrastructure systems. In: 8th International Conference on Privacy Security and Trust (PST), pp. 17\u201319 (2010)","DOI":"10.1109\/PST.2010.5593242"},{"key":"11_CR5","unstructured":"Byres, E.J., Franz, M., Miller, D.: The use of attack trees in assessing vulnerabilities in SCADA systems. In: Proceedings of the International Infrastructure Survivability Workshop (2004)"},{"key":"11_CR6","doi-asserted-by":"crossref","unstructured":"Caselli, M., Zambon, E., Kargl, F.: Sequence-aware intrusion detection in industrial control systems. In: Proceedings of the 1st ACM Workshop on Cyber-Physical System Security, pp. 13\u201324. ACM, New York (2015)","DOI":"10.1145\/2732198.2732200"},{"key":"11_CR7","doi-asserted-by":"crossref","unstructured":"Chen, C.-M., Hsiao, H.-W., Yang, P.-Y., Ya-Hui, O.: Defending malicious attacks in cyber physical systems. In: IEEE 1st International Conference on Cyber-Physical Systems, Networks, and Applications (CPSNA), pp. 13\u201318, August 2013","DOI":"10.1109\/CPSNA.2013.6614240"},{"key":"11_CR8","unstructured":"Cheung, S., Dutertre, B., Fong, M., Lindqvist, U., Skinner, K., Valdes, A.: Using model-based intrusion detection for SCADA networks. In: Proceedings of the SCADA Security Scientific Symposium, pp. 127\u2013134 (2007)"},{"key":"11_CR9","unstructured":"Electrical Engineering Blog: The top most used PLC systems around the world. Electrical installation & energy efficiency, May 2013. http:\/\/engineering.electrical-equipment.org\/electrical-distribution\/the-top-most-used-plc-systems-around-the-world.html"},{"key":"11_CR10","doi-asserted-by":"crossref","unstructured":"Erez, N., Wool, A.: Control variable classification, modeling and anomaly detection in Modbus\/TCP SCADA networks. In: 9th Annual IFIP Working Group 11.10 International Conference on Critical Infrastructure Protection, Washington, DC, USA, March 2015","DOI":"10.1016\/j.ijcip.2015.05.001"},{"key":"11_CR11","unstructured":"Falliere, N., Murchu, L.O., Chien, E.: W32. stuxnet dossier. White Paper, Symantec Corporation, Security Response (2011)"},{"key":"11_CR12","doi-asserted-by":"crossref","unstructured":"Fovino, I.N., Carcano, A., De Lacheze Murel, T., Trombetta, A., Masera, M.: Modbus\/DNP3 state-based intrusion detection system. In: 24th IEEE International Conference on Advanced Information Networking and Applications (AINA), pp. 729\u2013736. IEEE (2010)","DOI":"10.1109\/AINA.2010.86"},{"issue":"2","key":"11_CR13","doi-asserted-by":"crossref","first-page":"63","DOI":"10.1016\/j.ijcip.2013.05.001","volume":"6","author":"N Goldenberg","year":"2013","unstructured":"Goldenberg, N., Wool, A.: Accurate modeling of modbus\/tcp for intrusion detection in SCADA systems. Int. J. Crit. Infrastruct. Prot. 6(2), 63\u201375 (2013)","journal-title":"Int. J. Crit. Infrastruct. Prot."},{"key":"11_CR14","doi-asserted-by":"crossref","unstructured":"Hadziosmanovic, D., Bolzoni, D., Hartel, P.H., Etalle, S.: MELISSA: towards automated detection of undesirable user actions in critical infrastructures. In: Proceedings of the European Conference on Computer Network Defense, EC2ND 2011, Gothenburg, Sweden, pp. 41\u201348, USA, IEEE Computer Society, September 2011","DOI":"10.1109\/EC2ND.2011.10"},{"issue":"3","key":"11_CR15","doi-asserted-by":"crossref","first-page":"231","DOI":"10.1016\/0167-6423(87)90035-9","volume":"8","author":"D Harel","year":"1987","unstructured":"Harel, D.: Statecharts: a visual formalism for complex systems. Sci. Comput. Program. 8(3), 231\u2013274 (1987)","journal-title":"Sci. Comput. Program."},{"issue":"2","key":"11_CR16","first-page":"37","volume":"9","author":"A Kleinmann","year":"2014","unstructured":"Kleinmann, A., Wool, A.: Accurate modeling of the siemens S7 SCADA protocol for intrusion detection and digital forensic. JDFSL 9(2), 37\u201350 (2014)","journal-title":"JDFSL"},{"issue":"3","key":"11_CR17","doi-asserted-by":"crossref","first-page":"49","DOI":"10.1109\/MSP.2011.67","volume":"9","author":"R Langner","year":"2011","unstructured":"Langner, R.: Stuxnet: dissecting a cyberwarfare weapon. IEEE Secur. Priv. 9(3), 49\u201351 (2011)","journal-title":"IEEE Secur. Priv."},{"key":"11_CR18","unstructured":"Marsh, R.T.: Critical foundations: protecting america\u2019s infrastructures - the report of the president\u2019s commission on critical infrastructure protection. Technical report, October 1997"},{"issue":"3","key":"11_CR19","doi-asserted-by":"crossref","first-page":"26","DOI":"10.1109\/65.283931","volume":"8","author":"B Mukherjee","year":"1994","unstructured":"Mukherjee, B., Heberlein, L.T., Levitt, K.N.: Network intrusion detection. IEEE Network 8(3), 26\u201341 (1994)","journal-title":"IEEE Network"},{"key":"11_CR20","unstructured":"Porras, P.A., Neumann, P.G.: EMERALD: event monitoring enabling responses to anomalous live disturbances. In: 1997 National Information Systems Security Conference, October 1997"},{"key":"11_CR21","unstructured":"Roesch, M.: Snort - lightweight intrusion detection for networks. In: Proceedings of the 13th USENIX Conference on System Administration, LISA 1999, pp. 229\u2013238. USENIX Association, Berkeley (1999)"},{"key":"11_CR22","doi-asserted-by":"crossref","unstructured":"Sommer, R., Paxson, V.: Outside the closed world: on using machine learning for network intrusion detection. In: 2010 IEEE Symposium on Security and Privacy (SP), pp. 305\u2013316, May 2010","DOI":"10.1109\/SP.2010.25"},{"key":"11_CR23","doi-asserted-by":"crossref","unstructured":"Valdes, A., Cheung, S.: Communication pattern anomaly detection in process control systems. In: IEEE Conference on Technologies for Homeland Security (HST), pp. 22\u201329. IEEE (2009)","DOI":"10.1109\/THS.2009.5168010"},{"key":"11_CR24","unstructured":"Wiens, T.: S7comm wireshark dissector plugin, January 2014. http:\/\/sourceforge.net\/projects\/s7commwireshark"},{"key":"11_CR25","unstructured":"Wikipedia: Variable-length quantity \u2013 Wikipedia, the free encyclopedia, (2015). Accessed 5 May 2015"},{"key":"11_CR26","unstructured":"Yang, D., Usynin, A., Hines, J.W.: Anomaly-based intrusion detection for SCADA systems. In: 5th Int International Topical Meeting on Nuclear Plant Instrumentation, Control and Human Machine Interface Technologies, pp. 12\u201316 (2006)"},{"issue":"1","key":"11_CR27","doi-asserted-by":"crossref","first-page":"116","DOI":"10.1109\/TR.2004.823851","volume":"53","author":"N Ye","year":"2004","unstructured":"Ye, N., Zhang, Y., Borror, C.M.: Robustness of the markov-chain model for cyber-attack detection. IEEE Trans. Reliab. 53(1), 116\u2013123 (2004)","journal-title":"IEEE Trans. Reliab."}],"container-title":["Lecture Notes in Computer Science","Critical Information Infrastructures Security"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-33331-1_11","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,9,7]],"date-time":"2019-09-07T15:11:53Z","timestamp":1567869113000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-33331-1_11"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2016]]},"ISBN":["9783319333304","9783319333311"],"references-count":27,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-33331-1_11","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2016]]}}}