{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,21]],"date-time":"2026-01-21T12:17:02Z","timestamp":1768997822555,"version":"3.49.0"},"publisher-location":"New York, NY, USA","reference-count":37,"publisher":"ACM","license":[{"start":{"date-parts":[[2020,4,2]],"date-time":"2020-04-02T00:00:00Z","timestamp":1585785600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2020,4,2]]},"DOI":"10.1145\/3374135.3385282","type":"proceedings-article","created":{"date-parts":[[2020,5,26]],"date-time":"2020-05-26T00:12:43Z","timestamp":1590451963000},"page":"188-196","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":37,"title":["An Evaluation of Machine Learning-based Anomaly Detection in a SCADA System Using the Modbus Protocol"],"prefix":"10.1145","author":[{"given":"Brandon","family":"Phillips","sequence":"first","affiliation":[{"name":"MCIS Department, Jacksonville State University, Jacksonville, AL, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Eric","family":"Gamess","sequence":"additional","affiliation":[{"name":"MCIS Department, Jacksonville State University, Jacksonville, AL, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Sri","family":"Krishnaprasad","sequence":"additional","affiliation":[{"name":"MCIS Department, Jacksonville State University, Jacksonville, AL, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2020,5,25]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"Acromag. 2005. Introduction to Modbus TCP\/IP. Technical Reference -- Modbus TCP\/IP."},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1186\/s13634-019-0619-3"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-17127-2_2"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1080\/00031305.1992.10475879"},{"key":"e_1_3_2_1_5_1","unstructured":"Digital Bond. Modbus TCP Rules. Retrieved from www.digitalbond.com\/tools\/quickdraw\/modbus-tcp-rules"},{"key":"e_1_3_2_1_6_1","unstructured":"R. Bridgelall. 2017. Introduction to Support Vector Machines. Retrieved from http:\/\/www.svms.org\/introduction.html"},{"key":"e_1_3_2_1_7_1","volume-title":"Proceedings of the International Infrastructure Survivability Workshop (IISW","author":"Byres E.","year":"2004","unstructured":"E. Byres, M. Franz, and D. Miller. 2004. The Use of Attack Trees in Assessing Vulnerabilities in SCADA Systems. In Proceedings of the International Infrastructure Survivability Workshop (IISW 2004), Lisbon, Portugal."},{"key":"e_1_3_2_1_8_1","volume-title":"Proceedings of the 2008 3rd Conference on Hot Topics in Security (HotSec","author":"C\u00e1rdenas A.","year":"2008","unstructured":"A. C\u00e1rdenas, S. Amin, and S. Sastry. 2008. Research Challenges for the Security of Control Systems. In Proceedings of the 2008 3rd Conference on Hot Topics in Security (HotSec 2008), San Jose, CA, USA."},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1109\/MNET.2010.5634434"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.5555\/3200099"},{"key":"e_1_3_2_1_11_1","first-page":"97","article-title":"Support-Vector Networks","volume":"44","author":"Cortes C.","year":"2001","unstructured":"C. Cortes and V. Vapnik. 2001. Support-Vector Networks. Assembly 44, 13 (2001), 97.","journal-title":"Assembly"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.19026\/rjaset.7.299"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-1-4419-0221-4_60"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"crossref","unstructured":"W. Gao T. Morris B. Reaves and D. Richey. 2010. On SCADA Control System Command and Response Injection and Intrusion Detection. In 2010 eCrime Researchers Summit Dallas TX USA.","DOI":"10.1109\/ecrime.2010.5706699"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.compeleceng.2012.06.015"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.ijcip.2013.05.001"},{"key":"e_1_3_2_1_17_1","first-page":"147","article-title":"Automatic Capacity Tuning of Very Large VC-Dimension Classifiers","author":"Guyon I.","year":"1993","unstructured":"I. Guyon, B. Boser, and V. Vapnik. 1993. Automatic Capacity Tuning of Very Large VC-Dimension Classifiers. Advances in Neural Information Processing Systems 5, (November 1993), pp. 147--155.","journal-title":"Advances in Neural Information Processing Systems 5"},{"key":"e_1_3_2_1_18_1","unstructured":"Modbus IDA. 2006. Modbus Application Protocol Specification v1.1b."},{"key":"e_1_3_2_1_19_1","volume-title":"Using SNORT for Intrusion Detection in Modbus TCP\/IP Communications. InfoSec Reading Room","author":"Jimenez J.","unstructured":"J. Jimenez. 2011. Using SNORT for Intrusion Detection in Modbus TCP\/IP Communications. InfoSec Reading Room, SANS Institute. Retrieved from http:\/\/www.sans.org\/reading-room\/whitepapers\/detection\/ snort-intrusion-detection-modbus-tcp-ip-communications-33844"},{"key":"e_1_3_2_1_20_1","unstructured":"R. Lee M. Assante and T. Conway. 2016. Analysis of the Cyber Attack on the Ukrainian Power Grid Defense Use Case. (March 2016) 2--11."},{"key":"e_1_3_2_1_21_1","volume-title":"Providing SCADA Network Data Sets for Intrusion Detection Research. 9th USENIX Workshop on Cyber Security Experimentation and Test (CSET","author":"Lemay A.","year":"2016","unstructured":"A. Lemay and J. Fernandez. 2016. Providing SCADA Network Data Sets for Intrusion Detection Research. 9th USENIX Workshop on Cyber Security Experimentation and Test (CSET 2016), Austin, TX, USA."},{"key":"e_1_3_2_1_22_1","first-page":"282","volume-title":"Proceedings of the Fifth Berkeley Symposium on Mathematical Statistics and Probability","author":"MacQueen J.","year":"1965","unstructured":"J. MacQueen. 1965. Some Methods of Classification and Analysis of Multivariate Observations. In Proceedings of the Fifth Berkeley Symposium on Mathematical Statistics and Probability, pp. 282--297, Berkeley, CA, USA."},{"key":"e_1_3_2_1_23_1","volume-title":"International Journal of Advanced Research in Computer Engineering & Technology (IJARCET","volume":"4","author":"Mahapatra K.","year":"2015","unstructured":"K. Mahapatra and S. Magesh. 2015. Analysis of Vulnerabilities in the Protocols used in SCADA Systems. International Journal of Advanced Research in Computer Engineering & Technology (IJARCET 2015), Vol. 4, No. 3, (March 2015), pp 1014-1019."},{"key":"e_1_3_2_1_24_1","volume-title":"Project-Based Introduction to Programming","author":"Matthes E.","unstructured":"E. Matthes. 2019. Python Crash Course: A Hands-On, Project-Based Introduction to Programming, 2nd edition, No Starch Press.","edition":"2"},{"key":"e_1_3_2_1_25_1","volume-title":"Proceedings of the 7th Annual Workshop on Cyber Security and Information Intelligence Research (CSIIRW 2011)","author":"Morris T.","year":"2011","unstructured":"T. Morris, R. Vaughn, and Y. Dandass. 2011. A Testbed for SCADA Control System Cybersecurity Research and Pedagogy. In Proceedings of the 7th Annual Workshop on Cyber Security and Information Intelligence Research (CSIIRW 2011), October 2011, Oak Ridge, TN, USA."},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-76917-0"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1007\/BF00116251"},{"key":"e_1_3_2_1_28_1","first-page":"226","volume-title":"Snort - Lightweight Intrusion Detection for Networks. In 13th USENIX Conference on System Administration (LISA","author":"Roesch M.","year":"1999","unstructured":"M. Roesch. 1999. Snort - Lightweight Intrusion Detection for Networks. In 13th USENIX Conference on System Administration (LISA 1999), pp. 226--238, Seattle, WA, USA."},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1109\/TETC.2013.2287188"},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2010.25"},{"key":"e_1_3_2_1_31_1","unstructured":"Mississippi State University. Critical Infrastructure Protection Center. http:\/\/www.security.cse.msstate.edu\/cipc."},{"key":"e_1_3_2_1_32_1","unstructured":"The University of Utah. Emulab Total Network Testbed. http:\/\/www.emulab.net."},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1145\/2786984.2786995"},{"key":"e_1_3_2_1_34_1","first-page":"12","volume-title":"Anomaly-based Intrusion Detection for SCADA Systems. In Proceedings of the 5th International Topical Meeting on Nuclear Plant Instrumentation Controls and Human Machine Interface Technologies","author":"Yang D.","unstructured":"D. Yang, A. Usynin, and J. Hines. 2006. Anomaly-based Intrusion Detection for SCADA Systems. In Proceedings of the 5th International Topical Meeting on Nuclear Plant Instrumentation Controls and Human Machine Interface Technologies, pp. 12--16, Albuquerque, NM, USA."},{"key":"e_1_3_2_1_35_1","first-page":"289","volume-title":"Optimizing F-measures: A Tale of Two Approaches. In Proceedings of the 29th International Conference on Machine Learning (ICML","author":"Ye N.","year":"2012","unstructured":"N. Ye, K. Chai, W. Lee, and H. Chieu. 2012. Optimizing F-measures: A Tale of Two Approaches. In Proceedings of the 29th International Conference on Machine Learning (ICML 2012), pp. 289--296, Edinburgh, UK."},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1145\/116873.116880"},{"key":"e_1_3_2_1_37_1","volume-title":"Proceedings of VDE Congress","author":"Byres E.","unstructured":"E. Byres and J. Lowe. 2004. The Myths and Facts behind Cyber Security Risks for Industrial Control Systems. In Proceedings of VDE Congress, Berlin, Germany."}],"event":{"name":"ACM SE '20: 2020 ACM Southeast Conference","location":"Tampa FL USA","acronym":"ACM SE '20","sponsor":["ACM Association for Computing Machinery"]},"container-title":["Proceedings of the 2020 ACM Southeast Conference"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3374135.3385282","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3374135.3385282","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T22:41:47Z","timestamp":1750200107000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3374135.3385282"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,4,2]]},"references-count":37,"alternative-id":["10.1145\/3374135.3385282","10.1145\/3374135"],"URL":"https:\/\/doi.org\/10.1145\/3374135.3385282","relation":{},"subject":[],"published":{"date-parts":[[2020,4,2]]},"assertion":[{"value":"2020-05-25","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}