Hier finden Sie wissenschaftliche Publikationen aus den Fraunhofer-Instituten.

Ontology-based detection of cyber-attacks to SCADA-systems in critical infrastructures

: Krauß, D.; Thomalla, Christoph


Institute of Electrical and Electronics Engineers -IEEE-:
6th International Conference on Digital Information and Communication Technology and its Applications, DICTAP 2016 : Konya, Turkey, 21 - 23 July 2016
Piscataway, NJ: IEEE, 2016
ISBN: 978-1-4673-9609-7
ISBN: 978-1-4673-9608-0
ISBN: 978-1-4673-9610-3
International Conference on Digital Information and Communication Technology and its Applications (DICTAP) <6, 2016, Konya>
Fraunhofer IOSB ()
intrusion detection; Ontology; SCADA; security

The integration of networks within an organization made many critical infrastructures (CI) and their underlying communication networks that were rather isolated in the past, accessible from outside via internet. CI heavily rely on the security of their supervisory control and data acquisition (SCADA) systems. As attackers are using ever more sophisticated technologies the threats are always increasing. Therefore it is important to detect attacks quickly and react efficiently to them, thus increasing reliability, security and resilience of the system. To specify a model of security events, attacks and vulnerabilities, we propose an ontology. The system logs provide the events, which the intrusion detection systems (IDS) may recognize as suspicious and could be part of an attack. With the help of data bases for known vulnerabilities together with the system model ongoing attacks may be identified. The ontology-framework together with a respective reasoning component forms the common ground for compliance monitoring and correlation of security events and serves as a basis for the specification and implementation of security data normalization. Then security policies (or goals) can be refined into implementable configurations on critical infrastructure network devices.