{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,31]],"date-time":"2026-03-31T08:42:39Z","timestamp":1774946559939,"version":"3.50.1"},"reference-count":25,"publisher":"IEEE","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2018,10]]},"DOI":"10.1109\/smartgridcomm.2018.8587533","type":"proceedings-article","created":{"date-parts":[[2018,12,27]],"date-time":"2018-12-27T22:58:36Z","timestamp":1545951516000},"page":"1-7","source":"Crossref","is-referenced-by-count":25,"title":["EDMAND: Edge-Based Multi-Level Anomaly Detection for SCADA Networks"],"prefix":"10.1109","author":[{"given":"Wenyu","family":"Ren","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Timothy","family":"Yardley","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Klara","family":"Nahrstedt","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"263","reference":[{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1145\/2994487.2994492"},{"key":"ref11","first-page":"1","article-title":"On SCADA control system command and response injection and intrusion detection","author":"gao","year":"2010","journal-title":"ECrime Researchers Summit (eCrime) 2010"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.1145\/2897795.2897814"},{"key":"ref13","first-page":"1","article-title":"Using model-based intrusion detection for scada networks","volume":"46","author":"cheung","year":"2007","journal-title":"Proceedings of the Scada Security Scientific Symposium"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1109\/SmartGridComm.2015.7436292"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.1109\/TPWRD.2014.2300099"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1016\/S1389-1286(99)00112-7"},{"key":"ref17","doi-asserted-by":"crossref","first-page":"63","DOI":"10.1016\/j.ijcip.2013.05.001","article-title":"Accurate modeling of Modbus\/TCP for intrusion detection in SCADA systems","volume":"6","author":"goldenberg","year":"2013","journal-title":"International Journal of Critical Infrastructure Protection"},{"key":"ref18","doi-asserted-by":"crossref","first-page":"59","DOI":"10.1016\/j.ijcip.2015.05.001","article-title":"Control variable classification, modeling and anomaly detection in Modbus\/TCP SCADA systems","volume":"10","author":"erez","year":"2015","journal-title":"International Journal of Critical Infrastructure Protection"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2015.2443793"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1109\/SAI.2014.6918252"},{"key":"ref3","article-title":"Analysis of the cyber attack on the ukrainian power grid","author":"case","year":"2016","journal-title":"Electricity Information Sharing and Analysis Center (E-ISAC)"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1109\/TIE.2011.2181132"},{"key":"ref5","doi-asserted-by":"crossref","first-page":"44","DOI":"10.1145\/2899015.2899028","article-title":"Exploiting bro for intrusion detection in a SCADA system","author":"udd","year":"2016","journal-title":"Proceedings of the 2nd ACM International Workshop on Cyber-Physical System Security"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1109\/ICMLA.2013.105"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1109\/PESMG.2013.6672100"},{"key":"ref2","first-page":"29","article-title":"W32. stuxnet dossier","volume":"5","author":"falliere","year":"2011","journal-title":"White Paper Symantec Corp Security Response"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1145\/2459976.2459982"},{"key":"ref1","article-title":"The use of attack trees in assessing vulnerabilities in SCADA systems","author":"byres","year":"2004","journal-title":"Proceedings of the International Infrastructure Survivability Workshop"},{"key":"ref20","doi-asserted-by":"crossref","DOI":"10.3990\/1.9789036536455","article-title":"Anomaly detection in SCADA systems: a network based approach","author":"barbosa","year":"2014"},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.1137\/1.9781611972764.29"},{"key":"ref21","first-page":"551","article-title":"OLAF: Operation-level traffic analyzer framework for Smart Grid","author":"ren","year":"2016","journal-title":"2016 IEEE International Conference on Smart Grid Communications (SmartGridComm)"},{"key":"ref24","author":"qin","year":"2005","journal-title":"A Probabilistic-Based Framework for INFOSEC Alert Correlation"},{"key":"ref23","year":"0","journal-title":"Cyber-physical experimentation environment for RADICS"},{"key":"ref25","year":"0","journal-title":"DNP3 Secure Authentication V5"}],"event":{"name":"2018 IEEE International Conference on Communications, Control, and Computing Technologies for Smart Grids (SmartGridComm)","location":"Aalborg","start":{"date-parts":[[2018,10,29]]},"end":{"date-parts":[[2018,10,31]]}},"container-title":["2018 IEEE International Conference on Communications, Control, and Computing Technologies for Smart Grids (SmartGridComm)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/8580358\/8587411\/08587533.pdf?arnumber=8587533","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,1,27]],"date-time":"2022-01-27T14:20:00Z","timestamp":1643293200000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/8587533\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018,10]]},"references-count":25,"URL":"https:\/\/doi.org\/10.1109\/smartgridcomm.2018.8587533","relation":{},"subject":[],"published":{"date-parts":[[2018,10]]}}}