{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,19]],"date-time":"2026-02-19T02:15:41Z","timestamp":1771467341097,"version":"3.50.1"},"publisher-location":"Cham","reference-count":34,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783319998428","type":"print"},{"value":"9783319998435","type":"electronic"}],"license":[{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2018]]},"DOI":"10.1007\/978-3-319-99843-5_19","type":"book-chapter","created":{"date-parts":[[2018,9,8]],"date-time":"2018-09-08T07:15:01Z","timestamp":1536390901000},"page":"207-224","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":8,"title":["Side-Channel Based Intrusion Detection for Industrial Control Systems"],"prefix":"10.1007","author":[{"given":"Pol","family":"Van Aubel","sequence":"first","affiliation":[]},{"given":"Kostas","family":"Papagiannopoulos","sequence":"additional","affiliation":[]},{"given":"\u0141ukasz","family":"Chmielewski","sequence":"additional","affiliation":[]},{"given":"Christian","family":"Doerr","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2018,9,9]]},"reference":[{"key":"19_CR1","unstructured":"Abbasi, A., Hashemi, M.: Ghost in the PLC: designing an undetectable programmable logic controller rootkit via pin control attack. In: Black Hat Europe, pp. 1\u201335, November 2016"},{"key":"19_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/11894063_1","volume-title":"Cryptographic Hardware and Embedded Systems - CHES 2006","author":"C Archambeau","year":"2006","unstructured":"Archambeau, C., Peeters, E., Standaert, F.-X., Quisquater, J.-J.: Template attacks in principal subspaces. In: Goubin, L., Matsui, M. (eds.) CHES 2006. LNCS, vol. 4249, pp. 1\u201314. Springer, Heidelberg (2006). \nhttps:\/\/doi.org\/10.1007\/11894063_1"},{"issue":"2","key":"19_CR3","doi-asserted-by":"publisher","first-page":"76","DOI":"10.1016\/j.ijcip.2013.04.004","volume":"6","author":"Z Basnight","year":"2013","unstructured":"Basnight, Z., Butts, J., Lopez, J., Dube, T.: Firmware modification attacks on programmable logic controllers. Int. J. Crit. Infrastruct. Prot. 6(2), 76\u201384 (2013). \nhttps:\/\/doi.org\/10.1016\/j.ijcip.2013.04.004","journal-title":"Int. J. Crit. Infrastruct. Prot."},{"key":"19_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"184","DOI":"10.1007\/978-3-319-43283-0_11","volume-title":"Constructive Side-Channel Analysis and Secure Design","author":"A Beckers","year":"2016","unstructured":"Beckers, A., Balasch, J., Gierlichs, B., Verbauwhede, I.: Design and implementation of a waveform-matching based triggering system. In: Standaert, F.-X., Oswald, E. (eds.) COSADE 2016. LNCS, vol. 9689, pp. 184\u2013198. Springer, Cham (2016). \nhttps:\/\/doi.org\/10.1007\/978-3-319-43283-0_11"},{"key":"19_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"13","DOI":"10.1007\/3-540-36400-5_3","volume-title":"Cryptographic Hardware and Embedded Systems - CHES 2002","author":"S Chari","year":"2003","unstructured":"Chari, S., Rao, J.R., Rohatgi, P.: Template attacks. In: Kaliski, B.S., Ko\u00e7, K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 13\u201328. Springer, Heidelberg (2003). \nhttps:\/\/doi.org\/10.1007\/3-540-36400-5_3"},{"key":"19_CR6","doi-asserted-by":"publisher","unstructured":"Chaudhari, A., Abraham, J.: Stream cipher hash based execution monitoring (SCHEM) framework for intrusion detection on embedded processors. In: International On-Line Testing Symposium - IOLTS, pp. 162\u2013167 (2012). \nhttps:\/\/doi.org\/10.1109\/IOLTS.2012.6313864","DOI":"10.1109\/IOLTS.2012.6313864"},{"key":"19_CR7","unstructured":"Cherepanov, A.: Win32\/industroyer - a new threat for industrial control systems. White paper. ESET, June 2017. \nhttps:\/\/www.welivesecurity.com\/2017\/06\/12\/industroyer-biggest-threat-industrial-control-systems-since-stuxnet\/"},{"key":"19_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"253","DOI":"10.1007\/978-3-319-08302-5_17","volume-title":"Smart Card Research and Advanced Applications","author":"O Choudary","year":"2014","unstructured":"Choudary, O., Kuhn, M.G.: Efficient template attacks. In: Francillon, A., Rohatgi, P. (eds.) CARDIS 2013. LNCS, vol. 8419, pp. 253\u2013270. Springer, Cham (2014). \nhttps:\/\/doi.org\/10.1007\/978-3-319-08302-5_17"},{"key":"19_CR9","unstructured":"CRASHOVERRIDE - analysis of the threat to electric grid operations. White paper. Dragos Inc., June 2017. \nhttps:\/\/www.dragos.com\/blog\/crashoverride\/"},{"key":"19_CR10","unstructured":"Cui, A., Costello, M., Stolfo, S.J.: When firmware modifications attack: a case study of embedded exploitation. In: NDSS (2013). \nhttps:\/\/www.ndss-symposium.org\/ndss2013\/ndss-2013-programme\/when-firmware-modifications-attack-case-study-embedded-exploitation\/"},{"key":"19_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"358","DOI":"10.1007\/978-3-642-23644-0_19","volume-title":"Recent Advances in Intrusion Detection","author":"A Cui","year":"2011","unstructured":"Cui, A., Stolfo, S.J.: Defending embedded systems with software symbiotes. In: Sommer, R., Balzarotti, D., Maier, G. (eds.) RAID 2011. LNCS, vol. 6961, pp. 358\u2013377. Springer, Heidelberg (2011). \nhttps:\/\/doi.org\/10.1007\/978-3-642-23644-0_19"},{"issue":"5\u20136","key":"19_CR12","doi-asserted-by":"publisher","first-page":"226","DOI":"10.1080\/19393555.2014.891277","volume":"22","author":"S Dupuis","year":"2013","unstructured":"Dupuis, S., Natale, G.D., Flottes, M., Rouzeyre, B.: On the effectiveness of hardware trojan horse detection via side-channel analysis. Inf. Secur. J.: Glob. Perspect. 22(5\u20136), 226\u2013236 (2013). \nhttps:\/\/doi.org\/10.1080\/19393555.2014.891277","journal-title":"Inf. Secur. J.: Glob. Perspect."},{"key":"19_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"78","DOI":"10.1007\/978-3-642-17499-5_4","volume-title":"Transactions on Computational Science X","author":"T Eisenbarth","year":"2010","unstructured":"Eisenbarth, T., Paar, C., Weghenkel, B.: Building a side channel based disassembler. In: Gavrilova, M.L., Tan, C.J.K., Moreno, E.D. (eds.) Transactions on Computational Science X. LNCS, vol. 6340, pp. 78\u201399. Springer, Heidelberg (2010). \nhttps:\/\/doi.org\/10.1007\/978-3-642-17499-5_4"},{"key":"19_CR14","unstructured":"Falliere, N., Murchu, L.O., Chien, E.: W32. stuxnet dossier. White paper, Symantec Corporation, Security Response 5.6 (2011). \nhttps:\/\/www.symantec.com\/connect\/blogs\/w32stuxnet-dossier"},{"key":"19_CR15","unstructured":"Goldack, M.: Side-channel based reverse engineering for microcontrollers. Master\u2019s thesis, Ruhr-Universit\u00e4t Bochum, Germany (2008). \nhttps:\/\/www.emsec.rub.de\/research\/theses\/"},{"key":"19_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"231","DOI":"10.1007\/978-3-642-27954-6_15","volume-title":"Topics in Cryptology \u2013 CT-RSA 2012","author":"J Heyszl","year":"2012","unstructured":"Heyszl, J., Mangard, S., Heinz, B., Stumpf, F., Sigl, G.: Localized electromagnetic analysis of cryptographic implementations. In: Dunkelman, O. (ed.) CT-RSA 2012. LNCS, vol. 7178, pp. 231\u2013244. Springer, Heidelberg (2012). \nhttps:\/\/doi.org\/10.1007\/978-3-642-27954-6_15"},{"key":"19_CR17","doi-asserted-by":"publisher","unstructured":"Lin, H., Slagell, A., Di Martino, C., Kalbarczyk, Z., Iyer, R.K.: Adapting Bro into SCADA: building a specification-based intrusion detection system for the DNP3 protocol. In: Cyber Security and Information Intelligence Research Workshop - CSIIRW 2013, pp. 1\u20134 (2013). \nhttps:\/\/doi.org\/10.1145\/2459976.2459982\n\n. Article no. 5","DOI":"10.1145\/2459976.2459982"},{"key":"19_CR18","doi-asserted-by":"publisher","unstructured":"Liu, Y., Wei, L., Zhou, Z., Zhang, K., Xu, W., Xu, Q.: On code execution tracking via power side-channel. In: ACM SIGSAC Conference on Computer and Communications Security, pp. 1019\u20131031 (2016). \nhttps:\/\/doi.org\/10.1145\/2976749.2978299","DOI":"10.1145\/2976749.2978299"},{"key":"19_CR19","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"620","DOI":"10.1007\/978-3-662-48324-4_31","volume-title":"Cryptographic Hardware and Embedded Systems \u2013 CHES 2015","author":"J Longo","year":"2015","unstructured":"Longo, J., De Mulder, E., Page, D., Tunstall, M.: SoC It to EM: electromagnetic side-channel attacks on a complex system-on-chip. In: G\u00fcneysu, T., Handschuh, H. (eds.) CHES 2015. LNCS, vol. 9293, pp. 620\u2013640. Springer, Heidelberg (2015). \nhttps:\/\/doi.org\/10.1007\/978-3-662-48324-4_31"},{"key":"19_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"261","DOI":"10.1007\/978-3-319-10175-0_18","volume-title":"Constructive Side-Channel Analysis and Secure Design","author":"M Msgna","year":"2014","unstructured":"Msgna, M., Markantonakis, K., Naccache, D., Mayes, K.: Verifying software integrity in embedded systems: a side channel approach. In: Prouff, E. (ed.) COSADE 2014. LNCS, vol. 8622, pp. 261\u2013280. Springer, Cham (2014). \nhttps:\/\/doi.org\/10.1007\/978-3-319-10175-0_18"},{"key":"19_CR21","unstructured":"Open Source SECurity. \nhttps:\/\/ossec.github.io\/"},{"key":"19_CR22","unstructured":"PCBGRIP. \nhttps:\/\/pcbgrip.com\/"},{"key":"19_CR23","unstructured":"Peck, D., Peterson, D.: Leveraging ethernet card vulnerabilities in field devices. In: SCADA Security Scientific Symposium, pp. 1\u201319 (2009)"},{"issue":"1","key":"19_CR24","doi-asserted-by":"publisher","first-page":"52","DOI":"10.1016\/j.vlsi.2005.12.013","volume":"40","author":"E Peeters","year":"2007","unstructured":"Peeters, E., Standaert, F.-X., Quisquater, J.-J.: Power and electromagnetic analysis: improved model, consequences and comparisons. Integration 40(1), 52\u201360 (2007). \nhttps:\/\/doi.org\/10.1016\/j.vlsi.2005.12.013","journal-title":"Integration"},{"key":"19_CR25","unstructured":"Quisquater, J.-J., Samyde, D.: Automatic code recognition for smart cards using a Kohonen neural network. In: CARDIS 2002, vol. 5, pp. 51\u201358. USENIX Association, Berkeley (2002). \nhttps:\/\/dial.uclouvain.be\/pr\/boreal\/object\/boreal:68059"},{"key":"19_CR26","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"109","DOI":"10.1007\/978-3-642-20465-4_8","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2011","author":"M Renauld","year":"2011","unstructured":"Renauld, M., Standaert, F.-X., Veyrat-Charvillon, N., Kamel, D., Flandre, D.: A formal study of power variability issues and side-channel attacks for nanoscale devices. In: Paterson, K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 109\u2013128. Springer, Heidelberg (2011). \nhttps:\/\/doi.org\/10.1007\/978-3-642-20465-4_8"},{"key":"19_CR27","unstructured":"Riscure: icWaves. \nhttps:\/\/www.riscure.com\/security-tools\/hardware\/icwaves"},{"key":"19_CR28","unstructured":"Roesch, M.: Snort - lightweight intrusion detection for networks. In: Proceedings of the 13th USENIX Conference on System Administration, LISA 1999, pp. 229\u2013238. USENIX Association, Berkeley (1999)"},{"key":"19_CR29","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"30","DOI":"10.1007\/11545262_3","volume-title":"Cryptographic Hardware and Embedded Systems \u2013 CHES 2005","author":"W Schindler","year":"2005","unstructured":"Schindler, W., Lemke, K., Paar, C.: A stochastic model for differential side channel cryptanalysis. In: Rao, J.R., Sunar, B. (eds.) CHES 2005. LNCS, vol. 3659, pp. 30\u201346. Springer, Heidelberg (2005). \nhttps:\/\/doi.org\/10.1007\/11545262_3"},{"key":"19_CR30","doi-asserted-by":"publisher","unstructured":"Strobel, D., Bache, F., Oswald, D., Schellenberg, F., Paar, C.: SCANDALee: A side-ChANnel-based DisAssembLer using local electromagnetic emanations. In: Design, Automation and Test in Europe - DATE, pp. 139\u2013144, March 2015. \nhttps:\/\/doi.org\/10.7873\/DATE.2015.0639","DOI":"10.7873\/DATE.2015.0639"},{"key":"19_CR31","doi-asserted-by":"publisher","unstructured":"Vermoen, D., Witteman, M., Gaydadjiev, G.N.: Reverse engineering Java Card applets using power analysis. In: Smart Cards, Mobile and Ubiquitous Computing Systems: First IFIP TC6\/WG 8.8\/WG 11.2 International Workshop - WISTP, pp. 138\u2013149 (2007). \nhttps:\/\/doi.org\/10.1007\/978-3-540-72354-7_12","DOI":"10.1007\/978-3-540-72354-7_12"},{"key":"19_CR32","doi-asserted-by":"publisher","unstructured":"Yoon, M.-K., Mohan, S., Choi, J., Sha, L.: Memory Heat Map: anomaly detection in real-time embedded systems using memory behavior. In: Design Automation Conference - DAC, vol. 35, no. 1\u201335, p. 6 (2015). \nhttps:\/\/doi.org\/10.1145\/2744769.2744869","DOI":"10.1145\/2744769.2744869"},{"key":"19_CR33","doi-asserted-by":"publisher","unstructured":"Zhang, T., Zhuang, X., Pande, S., Lee, W.: Anomalous path detection with hardware support. In: Compilers, architectures and synthesis for embedded systems - CASES, pp. 43\u201354 (2005). \nhttps:\/\/doi.org\/10.1145\/1086297.1086305","DOI":"10.1145\/1086297.1086305"},{"key":"19_CR34","unstructured":"Zhang, T., Zhuang, X., Pande, S., Lee, W.: Hardware supported anomaly detection: down to the control flow level. Technical report, March 2004. \nhttp:\/\/hdl.handle.net\/1853\/96"}],"container-title":["Lecture Notes in Computer Science","Critical Information Infrastructures Security"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-99843-5_19","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2018,9,8]],"date-time":"2018-09-08T07:33:23Z","timestamp":1536392003000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-99843-5_19"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018]]},"ISBN":["9783319998428","9783319998435"],"references-count":34,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-99843-5_19","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2018]]}}}