All

What are you looking for?

All
Projects
Results
Organizations

Quick search

  • Projects supported by TA ČR
  • Excellent projects
  • Projects with the highest public support
  • Current projects

Smart search

  • That is how I find a specific +word
  • That is how I leave the -word out of the results
  • “That is how I can find the whole phrase”
EN
ČeštinaEnglish

Statistical Methods for Anomaly Detection in Industrial Communication

The result's identifiers

  • Result code in IS VaVaI

    <a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216305%3A26230%2F21%3APU140800" target="_blank" >RIV/00216305:26230/21:PU140800 - isvavai.cz</a>

  • Result on the web

    <a href="https://www.fit.vut.cz/research/publication/12502/" target="_blank" >https://www.fit.vut.cz/research/publication/12502/</a>

  • DOI - Digital Object Identifier

Alternative languages

  • Result language

    angličtina

  • Original language name

    Statistical Methods for Anomaly Detection in Industrial Communication

  • Original language description

    This report focuses on application of selected statistical methods to anomaly detection of ICS protocols deployed in smart grids, namely IEC 104, GOOSE and MMS. Industrial network stations are typically pre-configured hardware devices that operate in master-slave mode and exhibits stable and periodic communication patterns over a long time. Due to the stability of ICS communication, statistical models present a natural way for detection of common ICS anomalies. For probabilistic modeling of network behavior we employ the following statistical features: distribution of packet inter-arrival times, packet size, and packet direction. This report presents the results of our experiments with three statistical methods: the Box Plot, Three Sigma Rule and Local Outlier Factor (LOF) which worked best for ICS  datasets.

  • Czech name

  • Czech description

Classification

  • Type

    O - Miscellaneous

  • CEP classification

  • OECD FORD branch

    20206 - Computer hardware and architecture

Result continuities

  • Project

    <a href="/en/project/VI20192022138" target="_blank" >VI20192022138: Security monitoring of ICS communication in the smart grid</a><br>

  • Continuities

    P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)

Others

  • Publication year

    2021

  • Confidentiality

    S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Similar results(10)

Anomaly Detection of ICS Communication Using Statistical ModelsA Network Traffic Processing Library for ICS Anomaly DetectionAccurate Automata-Based Detection of Cyber Threats in Smart Grid Communication