{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,16]],"date-time":"2025-12-16T12:30:58Z","timestamp":1765888258040,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":39,"publisher":"ACM","license":[{"start":{"date-parts":[[2019,12,10]],"date-time":"2019-12-10T00:00:00Z","timestamp":1575936000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","award":["1718017"],"award-info":[{"award-number":["1718017"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2019,12,10]]},"DOI":"10.1145\/3372318.3372324","type":"proceedings-article","created":{"date-parts":[[2019,12,23]],"date-time":"2019-12-23T20:55:31Z","timestamp":1577134531000},"page":"48-59","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":14,"title":["If I Knew Then What I Know Now"],"prefix":"10.1145","author":[{"given":"Celine","family":"Irvene","sequence":"first","affiliation":[{"name":"Georgia Institute of Technology, Atlanta, Georgia"}]},{"given":"Tohid","family":"Shekari","sequence":"additional","affiliation":[{"name":"Georgia Institute of Technology, Atlanta, Georgia"}]},{"given":"David","family":"Formby","sequence":"additional","affiliation":[{"name":"Georgia Institute of Technology, Atlanta, Georgia"}]},{"given":"Raheem","family":"Beyah","sequence":"additional","affiliation":[{"name":"Georgia Institute of Technology, Atlanta, Georgia"}]}],"member":"320","published-online":{"date-parts":[[2019,12,10]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1145\/2508859.2516745"},{"volume-title":"Network Operations and Management Symposium (NOMS)","year":"2012","author":"Regis Barbosa Rafael Ramos","key":"e_1_3_2_1_2_1"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1109\/PRDC.2011.30"},{"key":"e_1_3_2_1_4_1","unstructured":"Marina Krotofil Dan Scali Nathan Brubaker Christopher Glyer Blake Johnson Dan Caban. 2017. Attackers Deploy New ICS Attack Framework \"TRITON\" and Cause Operational Disruption to Critical Infrastructure. https:\/\/www.fireeye.com\/blog\/threat-research\/2017\/12\/attackers-deploy-new-ics-attack-framework-triton.html  Marina Krotofil Dan Scali Nathan Brubaker Christopher Glyer Blake Johnson Dan Caban. 2017. Attackers Deploy New ICS Attack Framework \"TRITON\" and Cause Operational Disruption to Critical Infrastructure. https:\/\/www.fireeye.com\/blog\/threat-research\/2017\/12\/attackers-deploy-new-ics-attack-framework-triton.html"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1109\/TII.2010.2099234"},{"key":"e_1_3_2_1_6_1","volume-title":"Proceedings of the SCADA security scientific symposium","volume":"46","author":"Cheung Steven","year":"2007"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"crossref","unstructured":"Gordon Clarke Deon Reynders and Edwin Wright. 2004. Practical modern SCADA protocols: DNP3 60870.5 and related systems. Newnes.  Gordon Clarke Deon Reynders and Edwin Wright. 2004. Practical modern SCADA protocols: DNP3 60870.5 and related systems. Newnes.","DOI":"10.1016\/B978-075065799-0\/50019-X"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1109\/CSCloud.2015.86"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1109\/SARNOF.2015.7324661"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICDIS.2018.00028"},{"key":"e_1_3_2_1_11_1","unstructured":"Marshall DenHartog. 2012. DNP3 Tutorial:Learn the Industry-Standard SCADA Protocol. Technical Report. DPS Telecom.  Marshall DenHartog. 2012. DNP3 Tutorial:Learn the Industry-Standard SCADA Protocol. Technical Report. DPS Telecom."},{"key":"e_1_3_2_1_12_1","unstructured":"DNP. 2002. DNP3 Quick Reference. http:\/\/read.pudn.com\/downloads151\/doc\/comm\/655523\/DNP3QuickReference.pdf [Online; accessed September 18 2018].  DNP. 2002. DNP3 Quick Reference. http:\/\/read.pudn.com\/downloads151\/doc\/comm\/655523\/DNP3QuickReference.pdf [Online; accessed September 18 2018]."},{"volume-title":"Proceedings of the 2011 Winter Simulation Conference (WSC). 2614--2626","year":"2011","author":"Jin Dong","key":"e_1_3_2_1_13_1"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"crossref","unstructured":"Samuel East Jonathan Butts Mauricio Papa and Sujeet Shenoi. 2009. A Taxonomy of Attacks on the DNP3 Protocol. In Critical Infrastructure Protection III Charles Palmer and Sujeet Shenoi (Eds.). Springer Berlin Heidelberg Berlin Heidelberg 67--81.  Samuel East Jonathan Butts Mauricio Papa and Sujeet Shenoi. 2009. A Taxonomy of Attacks on the DNP3 Protocol. In Critical Infrastructure Protection III Charles Palmer and Sujeet Shenoi (Eds.). Springer Berlin Heidelberg Berlin Heidelberg 67--81.","DOI":"10.1007\/978-3-642-04798-5_5"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/3084456"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1109\/AINA.2010.86"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"crossref","unstructured":"Chuck Fraleigh Sue Moon Bryan Lyles Chase Cotton Mujahid Khan Deb Moll Rob Rockell Ted Seely and S Christophe Diot. 2003. Packet-level traffic measurements from the Sprint IP backbone. IEEE network 17 6 (2003) 6--16.  Chuck Fraleigh Sue Moon Bryan Lyles Chase Cotton Mujahid Khan Deb Moll Rob Rockell Ted Seely and S Christophe Diot. 2003. Packet-level traffic measurements from the Sprint IP backbone. IEEE network 17 6 (2003) 6--16.","DOI":"10.1109\/MNET.2003.1248656"},{"key":"e_1_3_2_1_18_1","unstructured":"Andy Greenberg. 2017. 'Crash Override': The Malware That Took Down a Power Grid. https:\/\/www.wired.com\/story\/crash-override-malware\/  Andy Greenberg. 2017. 'Crash Override': The Malware That Took Down a Power Grid. https:\/\/www.wired.com\/story\/crash-override-malware\/"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"crossref","unstructured":"Dina Hadziosmanovic Robin Sommer Emmanuele Zambon and Pieter Hartel. 2013. Through the eye of the PLC: towards semantic security monitoring for industrial control systems. International Computer Science Institute Berkeley (2013).  Dina Hadziosmanovic Robin Sommer Emmanuele Zambon and Pieter Hartel. 2013. Through the eye of the PLC: towards semantic security monitoring for industrial control systems. International Computer Science Institute Berkeley (2013).","DOI":"10.1145\/2664243.2664277"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICCAIS.2015.7338690"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1109\/SmartGridComm.2014.7007760"},{"key":"e_1_3_2_1_22_1","unstructured":"Eric D Knapp and Joel Thomas Langill. 2014. Industrial Network Security: Securing critical infrastructure networks for smart grid SCADA and other Industrial Control Systems. Syngress.  Eric D Knapp and Joel Thomas Langill. 2014. Industrial Network Security: Securing critical infrastructure networks for smart grid SCADA and other Industrial Control Systems. Syngress."},{"volume-title":"2014 Symposium on Cryptography and Information Security (SCIS).","author":"Lee Dongsoo","key":"e_1_3_2_1_23_1"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1109\/ISORC.2008.25"},{"volume-title":"Proceedings of the Eighth Annual Cyber Security and Information Intelligence Research Workshop (CSIIRW '13)","author":"Lin Hui","key":"e_1_3_2_1_25_1"},{"volume-title":"Advances in Computer","author":"Majdalawieh Munir","key":"e_1_3_2_1_26_1"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/2523649.2523673"},{"key":"e_1_3_2_1_28_1","unstructured":"PACE. 2017. Partnership for an Advanced Computing Environment (PACE). http:\/\/www.pace.gatech.edu  PACE. 2017. Partnership for an Advanced Computing Environment (PACE). http:\/\/www.pace.gatech.edu"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1145\/263105.263155"},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1016\/S1389-1286(99)00112-7"},{"volume-title":"2015 Australasian Information Security Conference (AISC).","year":"2015","author":"Rodofile Nicholas R.","key":"e_1_3_2_1_31_1"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/2843043.2843350"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.5555\/1039834.1039864"},{"key":"e_1_3_2_1_34_1","unstructured":"Siemens 2017. SIMATIC RTU3030C Complete DNP3 Device Profile. Siemens. Rev. 2.0.  Siemens 2017. SIMATIC RTU3030C Complete DNP3 Device Profile. Siemens. Rev. 2.0."},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1109\/ANTS.2016.7947865"},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1109\/THS.2009.5168010"},{"volume-title":"IEEE International Workshop on Factory Communication Systems, 2004. Proceedings. 319--322","year":"2004","author":"A. F.","key":"e_1_3_2_1_37_1"},{"key":"e_1_3_2_1_38_1","first-page":"313","article-title":"Burst-based anomaly detection on the DNP3 protocol","volume":"6","author":"Yun Jeong-Han","year":"2013","journal-title":"International Journal of Control and Automation"},{"key":"e_1_3_2_1_39_1","unstructured":"Kim Zetter. 2016. INSIDE THE CUNNING UNPRECEDENTED HACK OF UKRAINE'S POWER GRID. https:\/\/www.wired.com\/2016\/03\/inside-cunning-unprecedented-hack-ukraines-power-grid\/  Kim Zetter. 2016. INSIDE THE CUNNING UNPRECEDENTED HACK OF UKRAINE'S POWER GRID. https:\/\/www.wired.com\/2016\/03\/inside-cunning-unprecedented-hack-ukraines-power-grid\/"}],"event":{"name":"ICSS: Fifth Annual Industrial Control System Security Workshop","sponsor":["ACSA Applied Computing Security Assoc"],"location":"San Juan PR USA","acronym":"ICSS"},"container-title":["Proceedings of the Fifth Annual Industrial Control System Security (ICSS) Workshop"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3372318.3372324","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3372318.3372324","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3372318.3372324","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T22:02:20Z","timestamp":1750197740000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3372318.3372324"}},"subtitle":["On Reevaluating DNP3 Security using Power Substation Traffic"],"short-title":[],"issued":{"date-parts":[[2019,12,10]]},"references-count":39,"alternative-id":["10.1145\/3372318.3372324","10.1145\/3372318"],"URL":"https:\/\/doi.org\/10.1145\/3372318.3372324","relation":{},"subject":[],"published":{"date-parts":[[2019,12,10]]},"assertion":[{"value":"2019-12-10","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}