Show simple item record

dc.contributor.authorRahman, A
dc.contributor.authorXu, Y
dc.contributor.authorRadke, K
dc.contributor.authorFoo, E
dc.date.accessioned2020-03-25T01:31:43Z
dc.date.available2020-03-25T01:31:43Z
dc.date.issued2016
dc.identifier.isbn9783319462974
dc.identifier.issn0302-9743
dc.identifier.doi10.1007/978-3-319-46298-1_32
dc.identifier.urihttp://hdl.handle.net/10072/392609
dc.description.abstractPattern mining is a branch of data mining used to discover hidden patterns or correlations among data. We use rare sequential pattern mining to find anomalies in critical infrastructure control networks such as supervisory control and data acquisition (SCADA) networks. As anomalous events occur rarely in a system and SCADA systems’ topology and actions do not change often, we argue that some anomalies can be detected using rare sequential pattern mining. This anomaly detection would be useful for intrusion detection or erroneous behaviour of a system. Although research into rare itemsets mining previously exists, neither research into rare sequential pattern mining nor its applicability to SCADA system anomaly detection has previously been completed. Moreover, since there is no consideration to events order, the applicability to intrusion detection in SCADA is minimal. By ensuring the events’ order is maintained, in this paper, we propose a novel Rare Sequential Pattern Mining (RSPM) technique which is a useful anomaly detection system for SCADA. We compared our algorithm with a rare itemset mining algorithm and found anomalous events in SCADA logs.
dc.description.peerreviewedYes
dc.publisherSpringer International Publishing
dc.relation.ispartofconferencename10th International Conference on Network and System Security (NSS 2016)
dc.relation.ispartofconferencetitleNetwork and System Security
dc.relation.ispartofdatefrom2016-09-28
dc.relation.ispartofdateto2016-09-30
dc.relation.ispartoflocationTaipei, Taiwan
dc.relation.ispartofpagefrom499
dc.relation.ispartofpageto506
dc.relation.ispartofseriesLecture Notes in Computer Science
dc.relation.ispartofvolume9955
dc.subject.fieldofresearchPattern recognition
dc.subject.fieldofresearchData mining and knowledge discovery
dc.subject.fieldofresearchcode460308
dc.subject.fieldofresearchcode460502
dc.titleFinding anomalies in SCADA logs using rare sequential pattern mining
dc.typeConference output
dc.type.descriptionE1 - Conferences
dcterms.bibliographicCitationRahman, A; Xu, Y; Radke, K; Foo, E, Finding anomalies in SCADA logs using rare sequential pattern mining, Network and System Security, 2016, 9955, pp. 499-506
dc.date.updated2020-03-25T01:25:05Z
dc.description.versionAccepted Manuscript (AM)
gro.rights.copyright© Springer International Publishing AG 2016. This is the author-manuscript version of this paper. Reproduced in accordance with the copyright policy of the publisher. The original publication is available at www.springerlink.com
gro.hasfulltextFull Text
gro.griffith.authorFoo, Ernest


Files in this item

This item appears in the following Collection(s)

  • Conference outputs
    Contains papers delivered by Griffith authors at national and international conferences.

Show simple item record