Behavioral Anomaly Detection in Industrial Control Systems: An Evaluation of Flowmon ADS

The result's identifiers

  • Result code in IS VaVaI

    RIV/00216305:26230/20:PU136272 - isvavai.cz (https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216305%3A26230%2F20%3APU136272)

  • Result on the web

    https://www.fit.vut.cz/research/publication/12253/

  • DOI - Digital Object Identifier

Alternative languages

  • Result language

    English

  • Original language name

    Behavioral Anomaly Detection in Industrial Control Systems: An Evaluation of Flowmon ADS

  • Original language description

    This report provides results from experiments aimed at evaluating the threat detection capabilities of the Flowmon Anomaly Detection System in the environment of Industrial Control Systems. The experiments follow a procedure described in the NISTIR 8219 report, which identifies a critical set of security threats to ICS and illustrates how behavior anomaly detection systems can be used as a key security component for industrial systems. We have shown that many of the identified security threats can be identified with the Flowmon ADS even without considering any specific ICS rules. The report systematically evaluates the scenarios considering network-based anomaly detection methods. We set up a virtual environment that contains ICS and Flowmon software. In this environment, we were able to demonstrate all scenarios and check Flowmon responses to the induced security threats.

  • Czech name

  • Czech description

Classification

  • Type

    O - Miscellaneous

  • CEP classification

  • OECD FORD branch

    10201 - Computer sciences, information science, bioinformatics (hardware development to be 2.2, social aspect to be 5.8)

Result continuities

  • Project

    TN01000077: National Centre of Competence in Cybersecurity

  • Continuities

    P - Research and development project financed from public funds (with a link to CEP)

Others

  • Publication year

    2020

  • Confidentiality

    S - Complete and true data on the project are not subject to protection under special legal regulations