A Distributed Security Event Correlation Platform for SCADA

Bibliographic Details
Main Author: Alves, Pedro Guedes
Publication Date: 2014
Format: Master thesis
Language: eng
Source: Repositórios Científicos de Acesso Aberto de Portugal (RCAAP)
Download full: https://hdl.handle.net/10316/35539
Summary: Master's dissertation in Informatics Engineering presented to the Faculdade de Ciências e Tecnologia da Universidade de Coimbra
Keywords: Event Correlation; Event Processing; Distributed Event Correlation; Intrusion Detection; SCADA
Date: 2014-07-07
Identifier: TID:201539071
Rights: open access

Abstract: Critical Infrastructures rely on Industrial Control Systems (ICS) such as Supervisory Control and Data Acquisition (SCADA) to operate the networks and systems of assets vital to the functioning of society and the economy. SCADA systems were traditionally isolated and used closed architectures with proprietary protocols, but nowadays these systems use open standards with open architectures that are highly interconnected with other corporate networks and the internet. As a result, the vulnerability of these systems to cyber-attacks has increased considerably. This thesis is integrated in the work developed by the Laboratory of Communications and Telematics for CockpiCI, a European Framework FP7 research project, whose goal is to provide intrusion detection, analysis and protection techniques to Critical Infrastructures. The design and implementation of an event correlation platform for the detection of cyber-attacks in SCADA systems are detailed in this thesis. The developed correlation platform implements the means to collect, process and correlate security events from differently distributed sources. The validation performed on this system demonstrated its resiliency, performance and correlation capabilities to detect cyber-attacks. The platform presented will be deployed in a test bed that includes critical infrastructures simulated by real equipment and enterprise Industrial Control Systems; this will allow further validation of its concepts and capabilities.