@inproceedings{29fa4c6c02744af49e9cf602df512a0f,
title = "Anomaly based intrusion detection for Building Automation and Control networks",
abstract = "Advanced networking technology and increasing information services have led to extensive interconnection between Building Automation and Control (BAC) networks and Internet. The connection to Internet and public networks massively elevates the risk of the BAC networks being attacked. In this paper, we present a framework for a rule based anomaly detection of Building Automation and Control networks. We develop an anomaly based intrusion detection system to the building network by training the system with dataflows that are dynamically captured from the Fire Alarm System testbed using the BACnet Protocol Monitoring module. The rules acquired from the offline data mining procedure can detect attacks against the BACnet protocol with an extremely low false positive rate. We evaluate our approach by launching several attacks that exploit the generic vulnerabilities of the BACnet Protocol. A classification of detected attacks is introduced at the end.",
keywords = "BACnet, Data mining, SCADA, anomaly detection",
author = "Zhiwen Pan and Salim Hariri and Youssif Al-Nashif",
note = "Publisher Copyright: {\textcopyright} 2014 IEEE.; 2014 11th IEEE/ACS International Conference on Computer Systems and Applications, AICCSA 2014 ; Conference date: 10-11-2014 Through 13-11-2014",
year = "2014",
doi = "10.1109/AICCSA.2014.7073181",
language = "English (US)",
series = "Proceedings of IEEE/ACS International Conference on Computer Systems and Applications, AICCSA",
publisher = "IEEE Computer Society",
pages = "72--77",
booktitle = "2014 IEEE/ACS 11th International Conference on Computer Systems and Applications, AICCSA 2014",
}