From datasets and testbeds to timing-based anomaly detection

This presentation will describe the latest work on data collection, emulation and analysis within RICS, and the application of machine learning algorithms to anomaly detection. It will include a demonstration of RICS-el, the virtual SCADA system built by engineers at FOI. Simin then goes on to describe how anomaly detection using only the timing attributes of traffic in SCADA networks can indicate early signs of complex attacks. The anomaly detection methods have been evaluated on both synthetic data from RICS-el and data collected at a Swedish utility company.
