{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,18]],"date-time":"2026-03-18T22:24:07Z","timestamp":1773872647492,"version":"3.50.1"},"publisher-location":"Cham","reference-count":21,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783319459301","type":"print"},{"value":"9783319459318","type":"electronic"}],"license":[{"start":{"date-parts":[[2016,1,1]],"date-time":"2016-01-01T00:00:00Z","timestamp":1451606400000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2016,1,1]],"date-time":"2016-01-01T00:00:00Z","timestamp":1451606400000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2016]]},"DOI":"10.1007\/978-3-319-45931-8_6","type":"book-chapter","created":{"date-parts":[[2016,9,16]],"date-time":"2016-09-16T07:26:19Z","timestamp":1474010779000},"page":"85-99","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":29,"title":["An HMM-Based Anomaly Detection Approach for SCADA Systems"],"prefix":"10.1007","author":[{"given":"Kyriakos","family":"Stefanidis","sequence":"first","affiliation":[]},{"given":"Artemios G.","family":"Voyiatzis","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2016,9,17]]},"reference":[{"key":"6_CR1","unstructured":"Accord.NET: Accord.NET Machine Learning Framework (2016). \n                      http:\/\/accord-framework.net\/"},{"issue":"2","key":"6_CR2","doi-asserted-by":"publisher","first-page":"7:1","DOI":"10.1145\/2814936","volume":"18","author":"MQ Ali","year":"2015","unstructured":"Ali, M.Q., Al-Shaer, E.: Randomization-based intrusion detection system for advanced metering infrastructure. ACM Trans. Inf. Syst. Secur. 18(2), 7:1\u20137:30 (2015). \n                      http:\/\/doi.acm.org\/10.1145\/2814936","journal-title":"ACM Trans. Inf. Syst. Secur."},{"key":"6_CR3","doi-asserted-by":"publisher","first-page":"94","DOI":"10.1016\/j.cose.2014.07.005","volume":"46","author":"A Almalawi","year":"2014","unstructured":"Almalawi, A., Yu, X., Tari, Z., Fahad, A., Khalil, I.: An unsupervised anomaly-based detection approach for integrity attacks on SCADA systems. Comput. Secur. 46, 94\u2013110 (2014). \n                      http:\/\/dx.doi.org\/10.1016\/j.cose.2014.07.005","journal-title":"Comput. Secur."},{"issue":"4","key":"6_CR4","doi-asserted-by":"publisher","first-page":"221","DOI":"10.1016\/j.cose.2010.12.004","volume":"30","author":"D Ariu","year":"2011","unstructured":"Ariu, D., Tronci, R., Giacinto, G.: HMMPayl: An intrusion detection system based on Hidden Markov Models. Comput. Secur. 30(4), 221\u2013241 (2011). \n                      http:\/\/dx.doi.org\/10.1016\/j.cose.2010.12.004","journal-title":"Comput. Secur."},{"key":"6_CR5","unstructured":"Barbosa, R.R.R.: Anomaly detection in SCADA systems: a network based approach. Ph.D. thesis, University of Twente, Enschede, April 2014. \n                      http:\/\/doc.utwente.nl\/90271\/"},{"key":"6_CR6","unstructured":"Beaver, J.M., Borges-Hink, R.C., Buckner, M.A.: An evaluation of machine learning methods to detect malicious SCADA communications. In: 2013 12th International Conference on Machine Learning and Applications, vol. 2, pp. 54\u201359 (2013). \n                      http:\/\/ieeexplore.ieee.org\/lpdocs\/epic03\/wrapper.htm?arnumber=6786081"},{"key":"6_CR7","doi-asserted-by":"crossref","unstructured":"Caselli, M., Kargl, F.: Sequence-aware intrusion detection in industrial control systems. In: Proceedings of the 1st ACM Workshop on Cyber-Physical System Security, CPSS 2015, pp. 13\u201324 (2015)","DOI":"10.1145\/2732198.2732200"},{"key":"6_CR8","unstructured":"Cisco: Snort (2015). \n                      https:\/\/www.snort.org\/"},{"key":"6_CR9","doi-asserted-by":"publisher","first-page":"59","DOI":"10.1016\/j.ijcip.2015.05.001","volume":"10","author":"N Erez","year":"2015","unstructured":"Erez, N., Wool, A.: Control variable classification, modeling and anomaly detection in Modbus\/TCP SCADA systems. Int. J. Crit. Infrastruct. Prot. 10, 59\u201370 (2015). \n                      http:\/\/linkinghub.elsevier.com\/retrieve\/pii\/S1874548215000396","journal-title":"Int. J. Crit. Infrastruct. Prot."},{"key":"6_CR10","unstructured":"Had\u017eiosmanovi\u0107, D., Sommer, R., Zambon, E., Hartel, P.H.: Through the eye of the PLC: semantic security monitoring for industrial processes. In: Proceedings of the 30th Annual Computer Security Applications Conference, ACSAC 2014, pp. 126\u2013135 (2014). \n                      http:\/\/dl.acm.org\/citation.cfm?id=2664243.2664277"},{"key":"6_CR11","unstructured":"Hsu, J., Mudd, D., Thornton, Z.: Mississippi state university project report - SCADA anomaly detection project summary. Technical report, Mississippi State University (2014). \n                      http:\/\/www.ece.uah.edu\/thm0009\/icsdatasets\/MSU_SCADA_Final_Report.pdf"},{"key":"6_CR12","doi-asserted-by":"publisher","first-page":"2774","DOI":"10.3390\/s150202774","volume":"15","author":"L Mart\u00ed","year":"2015","unstructured":"Mart\u00ed, L., Sanchez-Pi, N., Molina, J., Garcia, A.: Anomaly detection based on sensor data in petroleum industry applications. Sensors 15, 2774\u20132797 (2015). \n                      http:\/\/www.mdpi.com\/1424-8220\/15\/2\/2774\/","journal-title":"Sensors"},{"issue":"2","key":"6_CR13","doi-asserted-by":"publisher","first-page":"88","DOI":"10.1016\/j.ijcip.2011.06.005","volume":"4","author":"T Morris","year":"2011","unstructured":"Morris, T., Srivastava, A., Reaves, B., Gao, W., Pavurapu, K., Reddi, R.: A control system testbed to validate critical infrastructure protection concepts. Int. J. Crit. Infrastruct. Prot. 4(2), 88\u2013103 (2011). \n                      http:\/\/www.sciencedirect.com\/science\/article\/pii\/S1874548211000266","journal-title":"Int. J. Crit. Infrastruct. Prot."},{"key":"6_CR14","doi-asserted-by":"publisher","first-page":"73","DOI":"10.1016\/j.ress.2015.01.024","volume":"138","author":"S Ntalampiras","year":"2015","unstructured":"Ntalampiras, S., Soupionis, Y., Giannopoulos, G.: A fault diagnosis system for interdependent critical infrastructures based on HMMs. Reliab. Eng. Syst. Saf. 138, 73\u201381 (2015). \n                      http:\/\/dx.doi.org\/10.1016\/j.ress.2015.01.024","journal-title":"Reliab. Eng. Syst. Saf."},{"issue":"6","key":"6_CR15","doi-asserted-by":"publisher","first-page":"864","DOI":"10.1016\/j.comnet.2008.11.011","volume":"53","author":"R Perdisci","year":"2009","unstructured":"Perdisci, R., Ariu, D., Fogla, P., Giacinto, G., Lee, W.: McPAD: a multiple classifier system for accurate payload-based anomaly detection. Comput. Netw. 53(6), 864\u2013881 (2009). \n                      http:\/\/dx.doi.org\/10.1016\/j.comnet.2008.11.011","journal-title":"Comput. Netw."},{"key":"6_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"34","DOI":"10.1007\/978-3-642-41485-5_4","volume-title":"Critical Information Infrastructures Security","author":"M Raciti","year":"2013","unstructured":"Raciti, M., Nadjm-Tehrani, S.: Embedded cyber-physical anomaly detection in smart meters. In: H\u00e4mmerli, B.M., Kalstad Svendsen, N., Lopez, J. (eds.) CRITIS 2012. LNCS, vol. 7722, pp. 34\u201345. Springer, Heidelberg (2013)"},{"key":"6_CR17","doi-asserted-by":"crossref","unstructured":"Schuster, F., Paul, A.: Potentials of using one-class SVM for detecting protocol-specific anomalies in industrial networks. In: 2015 IEEE Symposium Series on Computational Intelligence, pp. 83\u201390 (2015)","DOI":"10.1109\/SSCI.2015.22"},{"key":"6_CR18","doi-asserted-by":"crossref","unstructured":"Voyiatzis, A., Katsigiannis, K., Koubias, S.: A Modbus\/TCP fuzzer for testing internetworked industrial systems. In: 20th IEEE International Conference on Emerging Technologies and Factory Automation (ETFA 2015), Luxembourg, 8\u201311 September 2015","DOI":"10.1109\/ETFA.2015.7301400"},{"key":"6_CR19","doi-asserted-by":"crossref","unstructured":"Yasakethu, S., Jiang, J.: Intrusion detection via machine learning for SCADA system protection. In: The 1st International Symposium for ICS & SCADA Cyber Security Research, pp. 101\u2013105 (2013)","DOI":"10.14236\/ewic\/ICSCSR2013.12"},{"key":"6_CR20","doi-asserted-by":"crossref","unstructured":"Yoon, M.k., Ciocarlie, G.F.: Communication pattern monitoring: improving the utility of anomaly detection for industrial control systems. In: NDSS Workshop on Security of Emerging Networking Technologies (SENT) (2014)","DOI":"10.14722\/sent.2014.23012"},{"key":"6_CR21","unstructured":"Zhu, B.X.: Resilient control and intrusion detection for SCADA systems. Ph.D. thesis, EECS Department, University of California, Berkeley, May 2014. \n                      http:\/\/www.eecs.berkeley.edu\/Pubs\/TechRpts\/2014\/EECS-2014-34.html"}],"container-title":["Lecture Notes in Computer Science","Information Security Theory and Practice"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-45931-8_6","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,9,19]],"date-time":"2020-09-19T00:22:13Z","timestamp":1600474933000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-45931-8_6"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2016]]},"ISBN":["9783319459301","9783319459318"],"references-count":21,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-45931-8_6","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2016]]},"assertion":[{"value":"17 September 2016","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"WISTP","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"IFIP International Conference on Information Security Theory and Practice","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Heraklion","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Greece","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2016","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"26 September 2016","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"27 September 2016","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"10","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"wistp2016","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}