Advisor

Jones, Bryan A.

Committee Member

Morris, Thomas H.

Date of Degree

1-1-2012

Document Type

Graduate Thesis - Open Access

Degree Name

Master of Science

College

James Worth Bagley College of Engineering

Department

Department of Electrical and Computer Engineering

Abstract

Supervisory control and data acquisition systems are extensively used in the critical infrastructure domain for controlling and managing large-scale industrial applications. This thesis presents a security management structure developed to protect ICS networks from security intrusions. This structure is formed by a combination of several modules for monitoring system-utilization parameters, data processing, detection of known attacks, forensic analysis to support against unknown attacks, estimation of control system-specific variables, and launch of appropriate protection methods. The best protection method to launch in case of an attack is chosen by a multi-criteria analysis controller based on operational costs and efficiency. A time-series ARIMA model is utilized to estimate the future state of the system and to protect it against cyber intrusions. Signature and performance based detection techniques assist in real-time identification of attacks with little or no human intervention. Simulation results for Scanning, Denial of Service and Injection attacks are provided.

URI

https://hdl.handle.net/11668/19779

Share

COinS