{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T05:05:13Z","timestamp":1750309513240,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":101,"publisher":"ACM","license":[{"start":{"date-parts":[[2024,9,30]],"date-time":"2024-09-30T00:00:00Z","timestamp":1727654400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2024,9,30]]},"DOI":"10.1145\/3678890.3678932","type":"proceedings-article","created":{"date-parts":[[2024,9,29]],"date-time":"2024-09-29T22:23:36Z","timestamp":1727648616000},"page":"278-297","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":0,"title":["No Need for Details: Effective Anomaly Detection for Process Control Traffic in Absence of Protocol and Attack Knowledge"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0008-0687-9155","authenticated-orcid":false,"given":"Franka","family":"Schuster","sequence":"first","affiliation":[{"name":"Brandenburg University of Technology Cottbus-Senftenberg, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2607-1993","authenticated-orcid":false,"given":"Hartmut","family":"K\u00f6nig","sequence":"additional","affiliation":[{"name":"Brandenburg University of Technology Cottbus-Senftenberg, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2024,9,30]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"IEEE International Conference on Data Mining Workshops (ICDMW). IEEE, 1\u20136.","author":"Anton Simon\u00a0Duque","year":"2018","unstructured":"Simon\u00a0Duque Anton, Lia Ahrens, Daniel Fraunholz, and Hans\u00a0Dieter Schotten. 2018. Time is of the Essence: Machine Learning-based Intrusion Detection in Industrial Time Series Data. In IEEE International Conference on Data Mining Workshops (ICDMW). IEEE, 1\u20136."},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1145\/3230833.3232818"},{"key":"e_1_3_2_1_3_1","volume-title":"Anomaly-based Intrusion Detection in Industrial Data with SVM and Random Forests. In International Conference on Software, Telecommunications and Computer Networks (SoftCOM). IEEE, 1\u20136.","author":"Duque Anton Simon","year":"2019","unstructured":"Simon D.\u00a0Duque Anton, Sapna Sinha, and Hans\u00a0Dieter Schotten. 2019. Anomaly-based Intrusion Detection in Industrial Data with SVM and Random Forests. In International Conference on Software, Telecommunications and Computer Networks (SoftCOM). IEEE, 1\u20136."},{"key":"e_1_3_2_1_4_1","volume-title":"Dos and Don\u2019ts of Machine Learning in Computer Security. In USENIX Security Symposium (USENIX Security). 3971\u20133988","author":"Arp Daniel","year":"2022","unstructured":"Daniel Arp, Erwin Quiring, Feargus Pendlebury, Alexander Warnecke, Fabio Pierazzi, Christian Wressnegger, Lorenzo Cavallaro, and Konrad Rieck. 2022. Dos and Don\u2019ts of Machine Learning in Computer Security. In USENIX Security Symposium (USENIX Security). 3971\u20133988."},{"key":"e_1_3_2_1_5_1","volume-title":"IEEE International Conference on Emerging Technologies & Factory Automation (ETFA). IEEE, 1\u20134.","author":"Ramos\u00a0Regis Barbosa Rafael","year":"2012","unstructured":"Rafael Ramos\u00a0Regis Barbosa, Ramin Sadre, and Aiko Pras. 2012. Towards Periodicity based Anomaly Detection in SCADA Networks. In IEEE International Conference on Emerging Technologies & Factory Automation (ETFA). IEEE, 1\u20134."},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2019.101677"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1109\/SURV.2013.052213.00046"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1109\/JIOT.2021.3138534"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1109\/SMC42975.2020.9283046"},{"key":"e_1_3_2_1_10_1","volume-title":"Specification Mining for Intrusion Detection in Networked Control Systems. In USENIX Security Symposium (USENIX Security). 791\u2013806","author":"Caselli Marco","year":"2016","unstructured":"Marco Caselli, Emmanuele Zambon, Johanna Amann, Robin Sommer, and Frank Kargl. 2016. Specification Mining for Intrusion Detection in Networked Control Systems. In USENIX Security Symposium (USENIX Security). 791\u2013806."},{"key":"e_1_3_2_1_11_1","volume-title":"Sequence-aware Intrusion Detection in Industrial Control Systems. In ACM Workshop on Cyber-Physical System Security (CPSS). 13\u201324","author":"Caselli Marco","year":"2015","unstructured":"Marco Caselli, Emmanuele Zambon, and Frank Kargl. 2015. Sequence-aware Intrusion Detection in Industrial Control Systems. In ACM Workshop on Cyber-Physical System Security (CPSS). 13\u201324."},{"volume-title":"IFIP 11.10 International Conference on Critical Infrastructure Protection (ICCIP)","author":"Caselli Marco","key":"e_1_3_2_1_12_1","unstructured":"Marco Caselli, Emmanuele Zambon, Jonathan Petit, and Frank Kargl. 2015. Modeling Message Sequences for Intrusion Detection in Industrial Control Systems. In IFIP 11.10 International Conference on Critical Infrastructure Protection (ICCIP). Springer, 49\u201371."},{"key":"e_1_3_2_1_13_1","volume-title":"Using Model-based Intrusion Detection for SCADA Networks. In SCADA Security Scientific Symposium","author":"Cheung Steven","year":"2007","unstructured":"Steven Cheung, Bruno Dutertre, Martin Fong, Ulf Lindqvist, Keith Skinner, and Alfonso Valdes. 2007. Using Model-based Intrusion Detection for SCADA Networks. In SCADA Security Scientific Symposium 2007."},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1155\/2019\/6757685"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"crossref","unstructured":"Benoit Claise. 2004. Cisco Systems Netflow Services Export Version 9.","DOI":"10.17487\/rfc3954"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"crossref","unstructured":"Benoit Claise Brian Trammell and Paul Aitken. 2013. Specification of the IP Flow Information Export (IPFIX) Protocol for the Exchange of Flow Information.","DOI":"10.17487\/rfc7012"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2021.3094360"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1007\/BF00994018"},{"key":"e_1_3_2_1_19_1","unstructured":"Tiago Cruz. 2018. Modbus TCP SCADA #1 Dataset. https:\/\/github.com\/tjcruz-dei\/ICS_PCAPS\/releases\/tag\/MODBUSTCP%231. Online. Accessed: 2024-03-26."},{"key":"e_1_3_2_1_20_1","unstructured":"Cybersecurity and Infrastructure Secruity\u00a0Agency (CISA). 2023. Alert ICSA-23-017-01. https:\/\/www.cisa.gov\/news-events\/ics-advisories\/icsa-23-017-01. Online. Accessed: 2023-04-29."},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.3390\/math10224373"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2021.3109465"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1109\/DSN.2017.34"},{"key":"e_1_3_2_1_24_1","volume-title":"Intrusion Detection for Sequence-based Attacks with Reduced Traffic Models. In International GI\/ITG Conference on Measurement, Modelling and Evaluation of Computing Systems. Springer, 53\u201367","author":"Ferling Benedikt","year":"2018","unstructured":"Benedikt Ferling, Justyna Chromik, Marco Caselli, and Anne Remke. 2018. Intrusion Detection for Sequence-based Attacks with Reduced Traffic Models. In International GI\/ITG Conference on Measurement, Modelling and Evaluation of Computing Systems. Springer, 53\u201367."},{"key":"e_1_3_2_1_25_1","volume-title":"Device Fingerprinting for Cyber-Physical Systems. In Network and Distributed System Security Symposium (NDSS).","author":"Formby David","year":"2016","unstructured":"David Formby, Preethi Srinivasan, Andrew\u00a0M. Leonard, Jonathan\u00a0D. Rogers, and Raheem\u00a0A. Beyah. 2016. Who\u2019s in Control of Your Control System? Device Fingerprinting for Cyber-Physical Systems. In Network and Distributed System Security Symposium (NDSS)."},{"key":"e_1_3_2_1_26_1","first-page":"3","article-title":"On Cyber Attacks and Signature based Intrusion Detection for Modbus based Industrial Control Systems","volume":"9","author":"Gao Wei","year":"2014","unstructured":"Wei Gao and Thomas\u00a0H. Morris. 2014. On Cyber Attacks and Signature based Intrusion Detection for Modbus based Industrial Control Systems. Journal of Digital Forensics, Security and Law 9, 1 (2014), 3.","journal-title":"Journal of Digital Forensics, Security and Law"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1109\/TCSS.2021.3135586"},{"key":"e_1_3_2_1_28_1","volume-title":"International Conference on Critical Information Infrastructures Security (CRITIS)(Lecture Notes in Computer Science, Vol.\u00a010242)","author":"Goh Jonathan","year":"2016","unstructured":"Jonathan Goh, Sridhar Adepu, Khurum\u00a0Nazir Junejo, and Aditya Mathur. 2016. A Dataset to Support Research in the Design of Secure Water Treatment Systems. In International Conference on Critical Information Infrastructures Security (CRITIS)(Lecture Notes in Computer Science, Vol.\u00a010242). Springer, 88\u201399."},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.ijcip.2013.05.001"},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.patcog.2017.10.013"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.21227\/rbvf-2h90"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1109\/REPE55559.2022.9949381"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1007\/s00521-022-06965-4"},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1109\/SMC.2019.8913895"},{"key":"e_1_3_2_1_35_1","unstructured":"SANS Institute. 2013. CyberCity Dataset. https:\/\/assets.contentstack.io\/v3\/assets\/blt36c2e63521272fdc\/bltff8e7c1232f3bcbc\/5fbd7be072a3526f28dbed75\/sansholidayhack2013.pcap. Online. Accessed: 2024-03-26."},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1145\/3548606.3560609"},{"key":"e_1_3_2_1_37_1","unstructured":"DFKI Kaiserslautern. 2023. IUNO Project Website with Datasets. https:\/\/projects.dfki.uni-kl.de\/IUNO. Offline. Accessed tried: 2023-04-29."},{"key":"e_1_3_2_1_38_1","volume-title":"Network Message Field Type Clustering for Reverse Engineering of Unknown Binary Protocols. In IEEE\/IFIP International Conference on Dependable Systems and Networks Workshops (DSN-W). IEEE, 80\u201387","author":"Kleber Stephan","year":"2022","unstructured":"Stephan Kleber, Frank Kargl, Milan State, and Matthias Hollick. 2022. Network Message Field Type Clustering for Reverse Engineering of Unknown Binary Protocols. In IEEE\/IFIP International Conference on Dependable Systems and Networks Workshops (DSN-W). IEEE, 80\u201387."},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1145\/3264888.3264896"},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1145\/3494107.3522773"},{"volume-title":"Designing a Feature Construction and Selection Approach for Machine Learning-based Intrusion Detection in Industrial Control System Networks. Ph.\u00a0D. Dissertation","author":"Lahza Hassan","key":"e_1_3_2_1_41_1","unstructured":"Hassan Fareed\u00a0M. Lahza. 2019. Designing a Feature Construction and Selection Approach for Machine Learning-based Intrusion Detection in Industrial Control System Networks. Ph.\u00a0D. Dissertation. Queensland University of Technology."},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.5070\/SR33162445"},{"key":"e_1_3_2_1_43_1","volume-title":"Modbus Dataset from CSET","author":"Lemay Antoine","year":"2016","unstructured":"Antoine Lemay. 2016. Modbus Dataset from CSET 2016. https:\/\/github.com\/antoine-lemay\/Modbus_dataset. Online. Accessed: 2023-04-01."},{"key":"e_1_3_2_1_44_1","volume-title":"Providing SCADA Network Data Sets for Intrusion Detection Research. In Workshop on Cyber Security Experimentation and Test (CSET). USENIX Association.","author":"Lemay Antoine","year":"2016","unstructured":"Antoine Lemay and Jos\u00e9\u00a0M. Fernandez. 2016. Providing SCADA Network Data Sets for Intrusion Detection Research. In Workshop on Cyber Security Experimentation and Test (CSET). USENIX Association."},{"key":"e_1_3_2_1_45_1","volume-title":"Ensemble Machine Learning for Intrusion Detection in Cyber-Physical Systems. In IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS). IEEE, 1\u20132.","author":"Li Hongwei","year":"2021","unstructured":"Hongwei Li and Danai Chasaki. 2021. Ensemble Machine Learning for Intrusion Detection in Cyber-Physical Systems. In IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS). IEEE, 1\u20132."},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1145\/3198458.3198460"},{"key":"e_1_3_2_1_47_1","volume-title":"Timing Patterns and Correlations in Spontaneous SCADA Traffic for Anomaly Detection. In Symposium on Research in Attacks, Intrusions and Defenses (RAID). 73\u201388","author":"Lin Chih-Yuan","year":"2019","unstructured":"Chih-Yuan Lin and Simin Nadjm-Tehrani. 2019. Timing Patterns and Correlations in Spontaneous SCADA Traffic for Anomaly Detection. In Symposium on Research in Attacks, Intrusions and Defenses (RAID). 73\u201388."},{"key":"e_1_3_2_1_48_1","volume-title":"Timing-based Anomaly Detection in SCADA Networks. In International Conference on Critical Information Infrastructures Security (CRITIS). Springer, 48\u201359","author":"Lin Chih-Yuan","year":"2018","unstructured":"Chih-Yuan Lin, Simin Nadjm-Tehrani, and Mikael Asplund. 2018. Timing-based Anomaly Detection in SCADA Networks. In International Conference on Critical Information Infrastructures Security (CRITIS). Springer, 48\u201359."},{"key":"e_1_3_2_1_49_1","volume-title":"Isolation Forest. In IEEE International Conference on Data Mining. IEEE, 413\u2013422","author":"Liu Fei\u00a0Tony","year":"2008","unstructured":"Fei\u00a0Tony Liu, Kai\u00a0Ming Ting, and Zhi-Hua Zhou. 2008. Isolation Forest. In IEEE International Conference on Data Mining. IEEE, 413\u2013422."},{"key":"e_1_3_2_1_50_1","volume-title":"Lundberg and Su-In Lee","author":"M.","year":"2017","unstructured":"Scott\u00a0M. Lundberg and Su-In Lee. 2017. A Unified Approach to Interpreting Model Predictions. Advances in Neural Information Processing Systems (NIPS) 30 (2017)."},{"volume-title":"Science and Information Conference. IEEE, 626\u2013631","author":"A.","key":"e_1_3_2_1_51_1","unstructured":"Leandros\u00a0A. Maglaras and Jianmin Jiang. 2014. Intrusion Detection in SCADA Systems using Machine Learning Techniques. In Science and Information Conference. IEEE, 626\u2013631."},{"key":"e_1_3_2_1_52_1","doi-asserted-by":"publisher","DOI":"10.1145\/3140241.3140245"},{"key":"e_1_3_2_1_53_1","volume-title":"Lights on Power Plant Control Networks. In International Conference on Passive and Active Network Measurement (PAM). Springer, 470\u2013484","author":"Mehner Stefan","year":"2022","unstructured":"Stefan Mehner, Franka Schuster, and Oliver Hohlfeld. 2022. Lights on Power Plant Control Networks. In International Conference on Passive and Active Network Measurement (PAM). Springer, 470\u2013484."},{"key":"e_1_3_2_1_54_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.ijcip.2021.100464"},{"key":"e_1_3_2_1_55_1","doi-asserted-by":"crossref","unstructured":"Robert Mitchell and Ing-Ray Chen. 2014. A Survey of Intrusion Detection Techniques for Cyber-Physical Systems. In ACM CSUR Vol.\u00a046. ACM.","DOI":"10.1145\/2542049"},{"volume-title":"Identifying Mislabeled Instances in Classification Datasets. In International Joint Conference on Neural Networks (IJCNN). IEEE, 1\u20138.","author":"M.","key":"e_1_3_2_1_56_1","unstructured":"Nicolas\u00a0M. M\u00fcller and Karla Markert. 2019. Identifying Mislabeled Instances in Classification Datasets. In International Joint Conference on Neural Networks (IJCNN). IEEE, 1\u20138."},{"key":"e_1_3_2_1_57_1","unstructured":"David Myers. 2018. QUT S7 Communication. https:\/\/cloudstor.aarnet.edu.au\/plus\/index.php\/s\/9qFfeVmfX7K5IDH. Offline. Accessed: 2023-03-19."},{"key":"e_1_3_2_1_58_1","unstructured":"Gorby\u00a0Kabasele Ndonda. 2019. HVAC Dataset. https:\/\/github.com\/gkabasele\/HVAC_Traces. Online. Accessed: 2024-03-26."},{"key":"e_1_3_2_1_59_1","unstructured":"NETRESEC. 2015. Capture files from 4SICS Geek Lounge. https:\/\/www.netresec.com\/?page=PCAP4SICS. Online. Accessed: 2024-03-26."},{"key":"e_1_3_2_1_60_1","unstructured":"NETRESEC. 2015. S4x15 ICS Village PCAP Files. https:\/\/www.netresec.com\/?page=DigitalBond_S4. Online. Accessed: 2024-03-26."},{"key":"e_1_3_2_1_61_1","unstructured":"Singapore\u00a0University of Technology and Design (SUTD). 2021. Datasets Collection inlcuding Electric Power and Intelligent Control (EPIC) and Secure Water Treatment (SWaT). https:\/\/itrust.sutd.edu.sg\/itrust-labs_datasets\/dataset_info. Online. Accessed: 2024-03-26."},{"key":"e_1_3_2_1_62_1","unstructured":"Queensland\u00a0University of Technology Information\u00a0Security. 2017. DNP3 Cyber-Attack Datasets. https:\/\/github.com\/qut-infosec\/2017QUT_DNP3. Online. Accessed: 2023-04-30."},{"key":"e_1_3_2_1_63_1","unstructured":"Queensland\u00a0University of Technology Information\u00a0Security. 2017. SCADA Network Attack Datasets and Process Logs. https:\/\/github.com\/qut-infosec\/2017QUT_S7comm. Online. Accessed: 2023-04-30."},{"key":"e_1_3_2_1_64_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.procs.2020.04.265"},{"key":"e_1_3_2_1_65_1","volume-title":"International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA). Springer, 160\u2013176","author":"Paul Andreas","year":"2013","unstructured":"Andreas Paul, Franka Schuster, and Hartmut K\u00f6nig. 2013. Towards the Protection of Industrial Control Systems \u2013 Conclusions of a Vulnerability Analysis of Profinet IO. In International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA). Springer, 160\u2013176."},{"key":"e_1_3_2_1_66_1","volume-title":"Whitelisting for Characterizing and Monitoring Process Control Communication. In International Conference on Network and System Security (NSS). Springer, 23\u201345","author":"Paul Andreas","year":"2023","unstructured":"Andreas Paul, Franka Schuster, and Hartmut K\u00f6nig. 2023. Whitelisting for Characterizing and Monitoring Process Control Communication. In International Conference on Network and System Security (NSS). Springer, 23\u201345."},{"volume-title":"International Conference on Trust, Security and Privacy in Computing and Communications\/12th IEEE International Conference on Big Data Science and Engineering (TrustCom\/BigDataSE)","author":"Perez Rocio\u00a0Lopez","key":"e_1_3_2_1_67_1","unstructured":"Rocio\u00a0Lopez Perez, Florian Adamsky, Ridha Soua, and Thomas Engel. 2018. Machine Learning for Reliable Network Attack Detection in SCADA Systems. In International Conference on Trust, Security and Privacy in Computing and Communications\/12th IEEE International Conference on Big Data Science and Engineering (TrustCom\/BigDataSE). IEEE, 633\u2013638."},{"key":"e_1_3_2_1_68_1","doi-asserted-by":"crossref","unstructured":"Peter Phaal Sonia Panchen and Neil McKee. 2001. InMon Corporation\u2019s sFlow: A Method for Monitoring Traffic in Switched and Routed Networks.","DOI":"10.17487\/rfc3176"},{"key":"e_1_3_2_1_69_1","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2015.2443793"},{"key":"e_1_3_2_1_70_1","doi-asserted-by":"publisher","DOI":"10.1145\/3407023.3409314"},{"volume-title":"Generating Attacks and Labelling Attack Datasets for Industrial Control Intrusion Detection Systems. Ph.\u00a0D. Dissertation","author":"Rodofile R.","key":"e_1_3_2_1_71_1","unstructured":"Nicholas\u00a0R. Rodofile. 2018. Generating Attacks and Labelling Attack Datasets for Industrial Control Intrusion Detection Systems. Ph.\u00a0D. Dissertation. Queensland University of Technology."},{"key":"e_1_3_2_1_72_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-59870-3_30"},{"key":"e_1_3_2_1_73_1","doi-asserted-by":"publisher","DOI":"10.1080\/00401706.1999.10485670"},{"key":"e_1_3_2_1_74_1","volume-title":"High-performance Unsupervised Anomaly Detection for Cyber-Physical System Networks. In Workshop on Cyber-Physical Systems Security and Privacy. 1\u201312","author":"Schneider Peter","year":"2018","unstructured":"Peter Schneider and Konstantin B\u00f6ttinger. 2018. High-performance Unsupervised Anomaly Detection for Cyber-Physical System Networks. In Workshop on Cyber-Physical Systems Security and Privacy. 1\u201312."},{"key":"e_1_3_2_1_75_1","volume-title":"Support Vector Method for Novelty Detection. Advances in Neural Information Processing Systems (NIPS) 12","author":"Sch\u00f6lkopf Bernhard","year":"1999","unstructured":"Bernhard Sch\u00f6lkopf, Robert\u00a0C. Williamson, Alex Smola, John Shawe-Taylor, and John Platt. 1999. Support Vector Method for Novelty Detection. Advances in Neural Information Processing Systems (NIPS) 12 (1999)."},{"key":"e_1_3_2_1_76_1","volume-title":"International Conference on Critical Information Infrastructures Security (CRITIS). Springer, accepted for publication.","author":"Schuster Franka","year":"2024","unstructured":"Franka Schuster and Hartmut K\u00f6nig. 2024. Questioning the Myth: Investigating ICS Traffic Homogeneity from an Anomaly Detection Perspective. In International Conference on Critical Information Infrastructures Security (CRITIS). Springer, accepted for publication."},{"key":"e_1_3_2_1_77_1","unstructured":"Scikit-learn. 2023. Implementation of Elliptic Envelope Algorithm. https:\/\/scikit-learn.org\/stable\/modules\/generated\/sklearn.covariance.EllipticEnvelope.html. Online. Accessed: 2023-07-26."},{"key":"e_1_3_2_1_78_1","unstructured":"Scikit-learn. 2023. Implementation of Isolation Forest Algorithm. https:\/\/scikit-learn.org\/stable\/modules\/generated\/sklearn.ensemble.IsolationForest.html. Online. Accessed: 2023-07-12."},{"key":"e_1_3_2_1_79_1","unstructured":"Scikit-learn. 2023. Implementation to Approximate the Solution of a Kernelized One-class SVM. https:\/\/scikit-learn.org\/stable\/modules\/generated\/sklearn.linear_model.SGDOneClassSVM.html. Online. Accessed: 2023-07-26."},{"key":"e_1_3_2_1_80_1","volume-title":"Modbus Communication Behavior Modeling and SVM Intrusion Detection Method. In International Conference on Communication and Network Security (ICCNS). 80\u201385","author":"Shang Wenli","year":"2016","unstructured":"Wenli Shang, Junrong Cui, Ming Wan, Panfeng An, and Peng Zeng. 2016. Modbus Communication Behavior Modeling and SVM Intrusion Detection Method. In International Conference on Communication and Network Security (ICCNS). 80\u201385."},{"key":"e_1_3_2_1_81_1","volume-title":"Noiserank: Unsupervised Label Noise Reduction with Dependence Models. In European Conference on Computer Vision (ECCV). Springer, 737\u2013753","author":"Sharma Karishma","year":"2020","unstructured":"Karishma Sharma, Pinar Donmez, Enming Luo, Yan Liu, and I.\u00a0Zeki Yalniz. 2020. Noiserank: Unsupervised Label Noise Reduction with Dependence Models. In European Conference on Computer Vision (ECCV). Springer, 737\u2013753."},{"key":"e_1_3_2_1_82_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICIAI.2019.8850807"},{"key":"e_1_3_2_1_83_1","volume-title":"Outside the Closed World: On Using Machine Learning for Network Intrusion Detection. In IEEE Symposium on Security and Privacy (S&P). IEEE, 305\u2013316","author":"Sommer Robin","year":"2010","unstructured":"Robin Sommer and Vern Paxson. 2010. Outside the Closed World: On Using Machine Learning for Network Intrusion Detection. In IEEE Symposium on Security and Privacy (S&P). IEEE, 305\u2013316."},{"key":"e_1_3_2_1_84_1","first-page":"16","article-title":"Guide to Industrial Control Systems (ICS) Security","volume":"800","author":"Stouffer Keith","year":"2011","unstructured":"Keith Stouffer, Joe Falco, Karen Scarfone, 2011. Guide to Industrial Control Systems (ICS) Security. NIST Special Publication 800, 82 (2011), 16\u201316.","journal-title":"NIST Special Publication"},{"key":"e_1_3_2_1_85_1","unstructured":"Tensorflow. 2023. Keras API for Constructing Artificial Neural Networks. https:\/\/www.tensorflow.org\/api_docs\/python\/tf\/keras. Online. Accessed: 2023-07-26."},{"volume-title":"European Symposium on Security and Privacy Workshops (EuroS&PW)","author":"Terai Asuka","key":"e_1_3_2_1_86_1","unstructured":"Asuka Terai, Shingo Abe, Shoya Kojima, Yuta Takano, and Ichiro Koshijima. 2017. Cyber-Attack Detection for Industrial Control System Monitoring with Support Vector Machine Based on Communication Profile. In European Symposium on Security and Privacy Workshops (EuroS&PW). IEEE, 132\u2013138."},{"key":"e_1_3_2_1_87_1","doi-asserted-by":"publisher","DOI":"10.1109\/SysCon53536.2022.9773814"},{"key":"e_1_3_2_1_88_1","doi-asserted-by":"crossref","unstructured":"Lisa Torrey and Jude Shavlik. 2010. Transfer Learning. In Handbook of Research on Machine Learning Applications and Trends: Algorithms Methods and Techniques. IGI global 242\u2013264.","DOI":"10.4018\/978-1-60566-766-9.ch011"},{"key":"e_1_3_2_1_89_1","volume-title":"Limiting the Impact of Stealthy Attacks on Industrial Control Systems. In ACM SIGSAC Conference on Computer and Communications Security (CCS). 1092\u20131105","author":"Urbina I.","year":"2016","unstructured":"David\u00a0I. Urbina, Jairo\u00a0A. Giraldo, Alvaro\u00a0A. Cardenas, Nils\u00a0Ole Tippenhauer, Junia Valente, Mustafa Faisal, Justin Ruths, Richard Candell, and Henrik Sandberg. 2016. Limiting the Impact of Stealthy Attacks on Industrial Control Systems. In ACM SIGSAC Conference on Computer and Communications Security (CCS). 1092\u20131105."},{"key":"e_1_3_2_1_90_1","volume-title":"Communication Pattern Anomaly Detection in Process Control Systems. In IEEE Conference on Technologies for Homeland Security. IEEE, 22\u201329","author":"Valdes Alfonso","year":"2009","unstructured":"Alfonso Valdes and Steven Cheung. 2009. Communication Pattern Anomaly Detection in Process Control Systems. In IEEE Conference on Technologies for Homeland Security. IEEE, 22\u201329."},{"key":"e_1_3_2_1_91_1","volume-title":"Comparative Study of Feature Selection Techniques Respecting Novelty Detection in the Industrial Control System Environment. Annals of DAAAM 29","author":"Vavra Jan","year":"2018","unstructured":"Jan Vavra and Martin Hromada. 2018. Comparative Study of Feature Selection Techniques Respecting Novelty Detection in the Industrial Control System Environment. Annals of DAAAM 29 (2018)."},{"key":"e_1_3_2_1_92_1","volume-title":"Evaluation of Data Preprocessing Techniques for Anomaly Detection Systems in Industrial Control System. Annals of DAAAM 30","author":"Vavra Jan","year":"2019","unstructured":"Jan Vavra and Martin Hromada. 2019. Evaluation of Data Preprocessing Techniques for Anomaly Detection Systems in Industrial Control System. Annals of DAAAM 30 (2019)."},{"key":"e_1_3_2_1_93_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.ijcip.2021.100446"},{"key":"e_1_3_2_1_94_1","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2020.2989695"},{"key":"e_1_3_2_1_95_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-031-17143-7_28"},{"key":"e_1_3_2_1_96_1","doi-asserted-by":"publisher","DOI":"10.1145\/3545948.3545968"},{"key":"e_1_3_2_1_97_1","volume-title":"Zoe: Content-based Anomaly Detection for Industrial Control Systems. In IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN). IEEE, 127\u2013138","author":"Wressnegger Christian","year":"2018","unstructured":"Christian Wressnegger, Ansgar Kellner, and Konrad Rieck. 2018. Zoe: Content-based Anomaly Detection for Industrial Control Systems. In IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN). IEEE, 127\u2013138."},{"key":"e_1_3_2_1_98_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2019.2963144"},{"key":"e_1_3_2_1_99_1","volume-title":"Communication Pattern Monitoring: Improving the Utility of Anomaly Detection for Industrial Control Systems. In NDSS Workshop on Security of Emerging Networking Technologies.","author":"Yoon Man-Ki","year":"2014","unstructured":"Man-Ki Yoon and Gabriela\u00a0F. Ciocarlie. 2014. Communication Pattern Monitoring: Improving the Utility of Anomaly Detection for Industrial Control Systems. In NDSS Workshop on Security of Emerging Networking Technologies."},{"key":"e_1_3_2_1_100_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-00470-5_27"},{"key":"e_1_3_2_1_101_1","first-page":"3833","article-title":"Rethinking Pre-training and Self-training","volume":"33","author":"Zoph Barret","year":"2020","unstructured":"Barret Zoph, Golnaz Ghiasi, Tsung-Yi Lin, Yin Cui, Hanxiao Liu, Ekin\u00a0Dogus Cubuk, and Quoc Le. 2020. Rethinking Pre-training and Self-training. Advances in Neural Information Processing Systems (NIPS) 33 (2020), 3833\u20133845.","journal-title":"Advances in Neural Information Processing Systems (NIPS)"}],"event":{"name":"RAID '24: The 27th International Symposium on Research in Attacks, Intrusions and Defenses","acronym":"RAID '24","location":"Padua Italy"},"container-title":["The 27th International Symposium on Research in Attacks, Intrusions and Defenses"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3678890.3678932","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3678890.3678932","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T01:18:00Z","timestamp":1750295880000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3678890.3678932"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,9,30]]},"references-count":101,"alternative-id":["10.1145\/3678890.3678932","10.1145\/3678890"],"URL":"https:\/\/doi.org\/10.1145\/3678890.3678932","relation":{},"subject":[],"published":{"date-parts":[[2024,9,30]]},"assertion":[{"value":"2024-09-30","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}