Accession Number : ADA610092


Title :   Analysis of a SCADA System Anomaly Detection Model Based on Information Entropy


Descriptive Note : Master's thesis


Corporate Author : AIR FORCE INSTITUTE OF TECHNOLOGY WRIGHT-PATTERSON AFB OH GRADUATE SCHOOL OF ENGINEERING AND MANAGEMENT


Personal Author(s) : Wales, Jesse G


Full Text : https://apps.dtic.mil/dtic/tr/fulltext/u2/a610092.pdf


Report Date : 27 Mar 2014


Pagination or Media Count : 124


Abstract : SCADA (supervisory control and data acquisition) systems monitor and control many different types of critical infrastructure such as power, water, transportation, and pipelines. These once-isolated systems are increasingly being connected to the internet to improve operations, which creates vulnerabilities to attacks. A SCADA operator receives automated alarms concerning system components operating out of normal thresholds. These alarms are susceptible to manipulation by an attacker. This research uses information theory to build an anomaly detection model that quantifies the uncertainty of the system based on alarm message frequency. Several attack scenarios are statistically analyzed for their significance, including someone injecting false alarms or hiding alarms. This research evaluates the use of information theory for anomaly detection and the impact of different attack scenarios.


Descriptors :   *ANOMALIES , *DETECTION , *INFORMATION THEORY , *MESSAGE PROCESSING , ATTACK , AUTOMATION , CONTROL , DATA ACQUISITION , FALSE ALARMS , FREQUENCY , IMPACT , INFRASTRUCTURE , MODELS , MONITORING , OPERATORS(PERSONNEL) , POWER , SCENARIOS , THESES , TRANSPORTATION , UNCERTAINTY , VULNERABILITY , WARNING SYSTEMS


Subject Categories : Information Science
      Miscellaneous Detection and Detectors


Distribution Statement : APPROVED FOR PUBLIC RELEASE