Table 6 Comparison of process-aware IDS techniques
From: An integrated testbed for locally monitoring SCADA systems in smart grids
Work | Approach | Sector | Validation | Detection | Prevention | Rules | Location |
|---|---|---|---|---|---|---|---|
Learned | ICS (tank) | TB, RS | Yes | No | Static | Local | |
Specification | PG | SIM | Yes | Yes | Dynamic | Central | |
Urbina et al. (2016) | Specification | ICS, PG | SIM, TB, RS | Yes | No | Dynamic | Local |
Koutsandria et al. (2015; 2014), Parvania et al. (2014)) | Specification | PG | TB | Yes | Yes | Dynamic (not yet) | Local |
Caselli et al. (2015) | Learned | ICS | RS | Yes | No | Static | Local |
Specification | PG | None | Yes | No | Static | Local | |
Specification | PG | SIM | Yes | No | Dynamic | Distributed | |
Specification | PG | SIM | Yes | Yes | Dynamic | Distributed Delay, Central Detection | |
The proposed approach | Specification | PG | SIM | Yes | Yes | Dynamic | Local |