{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,28]],"date-time":"2025-03-28T10:07:46Z","timestamp":1743156466927,"version":"3.40.3"},"publisher-location":"Cham","reference-count":32,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319955964"},{"type":"electronic","value":"9783319955971"}],"license":[{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2019]]},"DOI":"10.1007\/978-3-319-95597-1_7","type":"book-chapter","created":{"date-parts":[[2019,1,25]],"date-time":"2019-01-25T08:12:59Z","timestamp":1548403979000},"page":"151-175","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Multi-range Decoy I\/O Defense of Electrical Substations Against Industrial Control System Malware"],"prefix":"10.1007","author":[{"given":"Julian L.","family":"Rrushi","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2019,1,26]]},"reference":[{"key":"7_CR1","unstructured":"ICS-CERT: Cyber-attack against Ukrainian critical infrastructure. Available online at \n                    https:\/\/ics-cert.us-cert.gov\/alerts\/IR-ALERT-H-16-056-01"},{"key":"7_CR2","volume-title":"Analysis of the cyber attack on the Ukrainian power grid","author":"RM Lee","year":"2016","unstructured":"Lee RM, Assante J, Conway T (2016) Analysis of the cyber attack on the Ukrainian power grid. Defense use case white paper. Available online at \n                    https:\/\/ics.sans.org\/media\/E-ISAC_SANS_Ukraine_DUC_5.pdf"},{"key":"7_CR3","unstructured":"Symantec (2014) Dragonfly: cyberespionage attacks against energy suppliers. Available online at \n                    https:\/\/www.symantec.com\/content\/en\/us\/enterprise\/media\/security_response\/whitepapers\/Dragonfly_Threat_Against_Western_Energy_Suppliers.pdf"},{"key":"7_CR4","volume-title":"Scanderbeg, the hero of Europe","author":"S Lezi","year":"2014","unstructured":"Lezi S (2014) Scanderbeg, the hero of Europe. CreateSpace Independent Publishing Platform, Scotts Valley"},{"key":"7_CR5","unstructured":"Falliere N, Murchu LO, Chien E (2011) W32.Stuxnet Dossier. Symantec security response, version 1.4. Available online at \n                    http:\/\/www.symantec.com\/content\/en\/us\/enterprise\/media\/security_response\/whitepapers\/w32_stuxnet_dossier.pdf"},{"key":"7_CR6","unstructured":"Siemens: What properties, advantages and special features does the S7 protocol offer? Available online at \n                    https:\/\/support.industry.siemens.com\/cs\/document\/26483647\/what-properties-advantages-and-special-features-does-the-s7-protocol\/-offer-?dti=0&lc=en-WW"},{"key":"7_CR7","volume-title":"IronGate ICS malware \u2013 Nothing to see here\u2026Masking malicious activity on SCADA systems","author":"J Homan","year":"2016","unstructured":"Homan J, McBride S, Caldwell R (2016) IronGate ICS malware \u2013 Nothing to see here\u2026Masking malicious activity on SCADA systems. FireEye threat research Blog. Available online at \n                    https:\/\/www.fireeye.com\/blog\/threat-research\/2016\/06\/irongate_ics_malware.html"},{"key":"7_CR8","first-page":"181","volume-title":"Lecture Notes in Computer Science","author":"D\u00e1niel Istv\u00e1n Buza","year":"2014","unstructured":"Buza DI, Juhasz F, Miru G, Felegyhazi M, Holczer T (2014) CryPLH: Protecting smart energy systems from targeted attacks with a PLC honeypot. Smart grid security, vol 8448. Springer, Berlin, pp 181\u2013192"},{"key":"7_CR9","unstructured":"Rist L, Vestergaard J, Haslinger D, De Pasquale A, Smith J, CONPOT ICS\/SCADA honeypot. Available online at \n                    http:\/\/conpot.org"},{"issue":"2","key":"7_CR10","doi-asserted-by":"publisher","first-page":"1337","DOI":"10.1109\/TII.2014.2304633","volume":"10","author":"T Vollmer","year":"2014","unstructured":"Vollmer T, Manic M (2014) Cyber-physical system security with deceptive virtual hosts for industrial control networks. IEEE Trans Ind Inf 10(2):1337\u20131347","journal-title":"IEEE Trans Ind Inf"},{"key":"7_CR11","unstructured":"International Electrotechnical Commission (2004) IEC 61850 \u2013 Communication Networks and Systems in Substations, parts 1 through 9"},{"issue":"1","key":"7_CR12","doi-asserted-by":"publisher","first-page":"66","DOI":"10.1016\/j.ijcip.2011.06.002","volume":"4","author":"J Rrushi","year":"2011","unstructured":"Rrushi J (2011) An exploration of defensive deception in industrial communication networks. Int J Crit Infrastruct Prot 4(1):66\u201375","journal-title":"Int J Crit Infrastruct Prot"},{"issue":"C","key":"7_CR13","doi-asserted-by":"publisher","first-page":"59","DOI":"10.1016\/j.cose.2016.05.002","volume":"61","author":"J Rrushi","year":"2016","unstructured":"Rrushi J (2016) NIC displays to thwart malware attacks mounted from within the OS. J Comput Secur 61(C):59\u201371","journal-title":"J Comput Secur"},{"key":"7_CR14","doi-asserted-by":"publisher","first-page":"433","DOI":"10.1007\/978-3-319-61176-1_24","volume-title":"Data and Applications Security and Privacy XXXI","author":"Seth Simms","year":"2017","unstructured":"Simms S, Maxwell M, Johnson S, Rrushi J (2017) Keylogger detection using a decoy keyboard. In: Proceedings of the 31st Annual IFIP WG 11.3 Conference on Data and Applications Security and Privacy, Philadelphia. Springer, Cham"},{"key":"7_CR15","unstructured":"Rrushi J, DNIC architectural developments for 0-Knowledge detection of OPC malware. Currently in the second round of review at IEEE Trans Dependable Secure Comput"},{"key":"7_CR16","volume-title":"OPC \u2013 from data access to unified architecture","author":"J Lange","year":"2010","unstructured":"Lange J, Iwanitz F, Burke T (2010) OPC \u2013 from data access to unified architecture, 4th edn. VDE Verlag GmbH, Berlin","edition":"4"},{"key":"7_CR17","unstructured":"International Organization for Standardization, Technical Committee 184: manufacturing message specification. Available online at \n                    https:\/\/www.iso.org"},{"key":"7_CR18","unstructured":"RTDS Technologies: real time digital power simulator. Available online at \n                    https:\/\/www.rtds.com"},{"key":"7_CR19","volume-title":"Nonlinear dynamics and chaos \u2013 with applications to physics, biology, chemistry, and engineering","author":"SH Strogatz","year":"2014","unstructured":"Strogatz SH (2014) Nonlinear dynamics and chaos \u2013 with applications to physics, biology, chemistry, and engineering, 2nd edn. Westview Press, Boulder","edition":"2"},{"key":"7_CR20","doi-asserted-by":"publisher","DOI":"10.1017\/CBO9780511803260","volume-title":"Chaos in dynamical systems","author":"E Ott","year":"2002","unstructured":"Ott E (2002) Chaos in dynamical systems, 2nd edn. Cambridge University Press, Cambridge","edition":"2"},{"issue":"1196","key":"7_CR21","doi-asserted-by":"publisher","first-page":"1196","DOI":"10.1103\/PhysRevLett.64.1196","volume":"64","author":"E Ott","year":"1990","unstructured":"Ott E, Grebogi C, Yorke JA (1990) Controlling chaos. Phys Rev Lett 64(1196):1196\u20131199","journal-title":"Phys Rev Lett"},{"issue":"165","key":"7_CR22","doi-asserted-by":"publisher","first-page":"165","DOI":"10.1016\/0167-2789(92)90107-X","volume":"58","author":"F Romeiras","year":"1992","unstructured":"Romeiras F, Grebogi C, Ott E, Dayawansa WP (1992) Controlling chaotic dynamical systems. Phys D 58(165):165\u2013192","journal-title":"Phys D"},{"key":"7_CR23","volume-title":"The evolution of animal communication \u2013 reliability and deception in signaling systems","author":"W Searcy","year":"2005","unstructured":"Searcy W, Nowicki S (2005) The evolution of animal communication \u2013 reliability and deception in signaling systems. Princeton University Press, Princeton"},{"key":"7_CR24","volume-title":"Genetic algorithms in search, optimization and machine learning","author":"DE Goldberg","year":"1989","unstructured":"Goldberg DE (1989) Genetic algorithms in search, optimization and machine learning. Kluwer Academic Publishers, Boston"},{"key":"7_CR25","volume-title":"Modern control theory","author":"WL Brogan","year":"1990","unstructured":"Brogan WL (1990) Modern control theory, 3rd edn. Prentice-Hall, Upper Saddle River","edition":"3"},{"key":"7_CR26","doi-asserted-by":"publisher","DOI":"10.1002\/0470045345","volume-title":"Optimal state estimation \u2013 Kalman H infinity, and nonlinear approaches","author":"D Simon","year":"2006","unstructured":"Simon D (2006) Optimal state estimation \u2013 Kalman H infinity, and nonlinear approaches, 1st edn. Wiley-Interscience, Hoboken","edition":"1"},{"key":"7_CR27","doi-asserted-by":"publisher","DOI":"10.1017\/CBO9781139192903","volume-title":"Steganography in digital media \u2013 principles, algorithms, and applications","author":"J Fridrich","year":"2009","unstructured":"Fridrich J (2009) Steganography in digital media \u2013 principles, algorithms, and applications, 1st edn. Cambridge University Press, Cambridge","edition":"1"},{"key":"7_CR28","unstructured":"The Apache Software Foundation: Apache Hadoop. Available online at \n                    http:\/\/hadoop.apache.org"},{"key":"7_CR29","unstructured":"The Apache Software Foundation: MapReduce. Available online at \n                    https:\/\/hadoop.apache.org\/docs\/r1.2.1\/mapred_tutorial.html"},{"key":"7_CR30","first-page":"168","volume-title":"Architectural Support for Programming Languages and Operating Systems (ASPLOS IX)","author":"D Lie","year":"2000","unstructured":"Lie D, Thekkath CA, Mitchell M, Lincoln P, Boneh D, Mitchell JC, Horowitz M (2000) Architectural support for copy and tamper resistant software. In: Architectural Support for Programming Languages and Operating Systems (ASPLOS IX). ACM, New York, pp 168\u2013177"},{"key":"7_CR31","volume-title":"Certifying program execution with secure processors","author":"B Chen","year":"2003","unstructured":"Chen B, Morris R (2003) Certifying program execution with secure processors. In: Proceedings of the Usenix Workshop on Hot Topics in Operating Systems. Lihue, Hawaii"},{"key":"7_CR32","unstructured":"DNP Technical committee: distributed network protocol. Available online at \n                    https:\/\/www.dnp.org"}],"container-title":["Advanced Sciences and Technologies for Security Applications","Resilience of Cyber-Physical Systems"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-95597-1_7","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,20]],"date-time":"2019-05-20T17:14:24Z","timestamp":1558372464000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-95597-1_7"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019]]},"ISBN":["9783319955964","9783319955971"],"references-count":32,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-95597-1_7","relation":{},"ISSN":["1613-5113","2363-9466"],"issn-type":[{"type":"print","value":"1613-5113"},{"type":"electronic","value":"2363-9466"}],"subject":[],"published":{"date-parts":[[2019]]},"assertion":[{"value":"26 January 2019","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}}]}}