{"id":"https://openalex.org/W3022469555","doi":"https://doi.org/10.1007/978-3-030-12786-2_1","title":"Improving SIEM for Critical SCADA Water Infrastructures Using Machine Learning","display_name":"Improving SIEM for Critical SCADA Water Infrastructures Using Machine Learning","publication_year":2019,"publication_date":"2019-01-01","ids":{"openalex":"https://openalex.org/W3022469555","doi":"https://doi.org/10.1007/978-3-030-12786-2_1","mag":"3022469555"},"language":"en","primary_location":{"id":"doi:10.1007/978-3-030-12786-2_1","is_oa":false,"landing_page_url":"https://doi.org/10.1007/978-3-030-12786-2_1","pdf_url":null,"source":{"id":"https://openalex.org/S106296714","display_name":"Lecture notes in computer science","issn_l":"0302-9743","issn":["0302-9743","1611-3349"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"book series"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Lecture Notes in Computer Science","raw_type":"book-chapter"},"type":"book-chapter","indexed_in":["arxiv","crossref"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://rke.abertay.ac.uk/en/publications/d8fc6652-8cec-4682-908b-6d0822ed5cf9","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":null,"display_name":"Hanan Hindy","orcid":"https://orcid.org/0000-0002-5195-8193"},"institutions":[{"id":"https://openalex.org/I877506347","display_name":"Abertay University","ror":"https://ror.org/04mwwnx67","country_code":"GB","type":"education","lineage":["https://openalex.org/I877506347"]}],"countries":["GB"],"is_corresponding":true,"raw_author_name":"Hanan Hindy","raw_affiliation_strings":["Division of Cyber Security, Abertay University, Dundee, Scotland, UK"],"raw_orcid":"https://orcid.org/0000-0002-5195-8193","affiliations":[{"raw_affiliation_string":"Division of Cyber Security, Abertay University, Dundee, Scotland, UK","institution_ids":["https://openalex.org/I877506347"]}]},{"author_position":"middle","author":{"id":null,"display_name":"David Brosset","orcid":"https://orcid.org/0000-0002-9677-1445"},"institutions":[{"id":"https://openalex.org/I2801296886","display_name":"Institut de Recherche de l\u2019\u00c9cole Navale","ror":"https://ror.org/01v6shv96","country_code":"FR","type":"facility","lineage":["https://openalex.org/I183158303","https://openalex.org/I190752583","https://openalex.org/I190861549","https://openalex.org/I2801296886","https://openalex.org/I4210134562"]}],"countries":["FR"],"is_corresponding":false,"raw_author_name":"David Brosset","raw_affiliation_strings":["Naval Academy Research Institute, Brest, France"],"raw_orcid":"https://orcid.org/0000-0002-9677-1445","affiliations":[{"raw_affiliation_string":"Naval Academy Research Institute, Brest, France","institution_ids":["https://openalex.org/I2801296886"]}]},{"author_position":"middle","author":{"id":null,"display_name":"Ethan Bayne","orcid":"https://orcid.org/0000-0003-1853-2921"},"institutions":[{"id":"https://openalex.org/I877506347","display_name":"Abertay University","ror":"https://ror.org/04mwwnx67","country_code":"GB","type":"education","lineage":["https://openalex.org/I877506347"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Ethan Bayne","raw_affiliation_strings":["Division of Cyber Security, Abertay University, Dundee, Scotland, UK"],"raw_orcid":"https://orcid.org/0000-0003-1853-2921","affiliations":[{"raw_affiliation_string":"Division of Cyber Security, Abertay University, Dundee, Scotland, UK","institution_ids":["https://openalex.org/I877506347"]}]},{"author_position":"middle","author":{"id":null,"display_name":"Amar Seeam","orcid":"https://orcid.org/0000-0002-8393-3214"},"institutions":[{"id":"https://openalex.org/I4210163761","display_name":"Middlesex University","ror":"https://ror.org/0531tjg57","country_code":"MU","type":"education","lineage":["https://openalex.org/I4210163761"]}],"countries":["MU"],"is_corresponding":false,"raw_author_name":"Amar Seeam","raw_affiliation_strings":["Department of Computer Science, Middlesex University, Flic-en-Flac, Mauritius"],"raw_orcid":"https://orcid.org/0000-0002-8393-3214","affiliations":[{"raw_affiliation_string":"Department of Computer Science, Middlesex University, Flic-en-Flac, Mauritius","institution_ids":["https://openalex.org/I4210163761"]}]},{"author_position":"last","author":{"id":null,"display_name":"Xavier Bellekens","orcid":"https://orcid.org/0000-0003-1849-5788"},"institutions":[{"id":"https://openalex.org/I877506347","display_name":"Abertay University","ror":"https://ror.org/04mwwnx67","country_code":"GB","type":"education","lineage":["https://openalex.org/I877506347"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Xavier Bellekens","raw_affiliation_strings":["Division of Cyber Security, Abertay University, Dundee, Scotland, UK"],"raw_orcid":"https://orcid.org/0000-0003-1849-5788","affiliations":[{"raw_affiliation_string":"Division of Cyber Security, Abertay University, Dundee, Scotland, UK","institution_ids":["https://openalex.org/I877506347"]}]}],"institutions":[],"countries_distinct_count":3,"institutions_distinct_count":5,"corresponding_author_ids":[],"corresponding_institution_ids":["https://openalex.org/I877506347"],"apc_list":{"value":5000,"currency":"EUR","value_usd":5392},"apc_paid":null,"fwci":6.2413,"has_fulltext":true,"cited_by_count":23,"citation_normalized_percentile":{"value":0.97375665,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"3","last_page":"19"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10917","display_name":"Smart Grid Security and Resilience","score":0.9362000226974487,"subfield":{"id":"https://openalex.org/subfields/2207","display_name":"Control and Systems Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10917","display_name":"Smart Grid Security and Resilience","score":0.9362000226974487,"subfield":{"id":"https://openalex.org/subfields/2207","display_name":"Control and Systems Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.012299999594688416,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11220","display_name":"Water Systems and Optimization","score":0.010200000368058681,"subfield":{"id":"https://openalex.org/subfields/2205","display_name":"Civil and Structural Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/scada","display_name":"SCADA","score":0.9114000201225281},{"id":"https://openalex.org/keywords/anomaly-detection","display_name":"Anomaly detection","score":0.8640999794006348},{"id":"https://openalex.org/keywords/process","display_name":"Process (computing)","score":0.5821999907493591},{"id":"https://openalex.org/keywords/supervisory-control","display_name":"Supervisory control","score":0.4625999927520752},{"id":"https://openalex.org/keywords/industrial-control-system","display_name":"Industrial control system","score":0.4268999993801117},{"id":"https://openalex.org/keywords/control-system","display_name":"Control system","score":0.37630000710487366},{"id":"https://openalex.org/keywords/anomaly","display_name":"Anomaly (physics)","score":0.36419999599456787},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.34689998626708984},{"id":"https://openalex.org/keywords/critical-infrastructure","display_name":"Critical infrastructure","score":0.33730000257492065}],"concepts":[{"id":"https://openalex.org/C113863187","wikidata":"https://www.wikidata.org/wiki/Q17498","display_name":"SCADA","level":2,"score":0.9114000201225281},{"id":"https://openalex.org/C739882","wikidata":"https://www.wikidata.org/wiki/Q3560506","display_name":"Anomaly detection","level":2,"score":0.8640999794006348},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8162999749183655},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.5821999907493591},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.5557000041007996},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.4794999957084656},{"id":"https://openalex.org/C92991967","wikidata":"https://www.wikidata.org/wiki/Q7644329","display_name":"Supervisory control","level":3,"score":0.4625999927520752},{"id":"https://openalex.org/C40071531","wikidata":"https://www.wikidata.org/wiki/Q2513962","display_name":"Industrial control system","level":3,"score":0.4268999993801117},{"id":"https://openalex.org/C79403827","wikidata":"https://www.wikidata.org/wiki/Q3988","display_name":"Real-time computing","level":1,"score":0.4027999937534332},{"id":"https://openalex.org/C17500928","wikidata":"https://www.wikidata.org/wiki/Q959968","display_name":"Control system","level":2,"score":0.37630000710487366},{"id":"https://openalex.org/C12997251","wikidata":"https://www.wikidata.org/wiki/Q567560","display_name":"Anomaly (physics)","level":2,"score":0.36419999599456787},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.34689998626708984},{"id":"https://openalex.org/C29852176","wikidata":"https://www.wikidata.org/wiki/Q373338","display_name":"Critical infrastructure","level":2,"score":0.33730000257492065},{"id":"https://openalex.org/C37374048","wikidata":"https://www.wikidata.org/wiki/Q188674","display_name":"Programmable logic controller","level":2,"score":0.3343000113964081},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.32989999651908875},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.32829999923706055},{"id":"https://openalex.org/C155386361","wikidata":"https://www.wikidata.org/wiki/Q1649571","display_name":"Process control","level":3,"score":0.3176000118255615},{"id":"https://openalex.org/C67186912","wikidata":"https://www.wikidata.org/wiki/Q367664","display_name":"Data modeling","level":2,"score":0.29910001158714294},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.2985000014305115},{"id":"https://openalex.org/C2775924081","wikidata":"https://www.wikidata.org/wiki/Q55608371","display_name":"Control (management)","level":2,"score":0.2770000100135803},{"id":"https://openalex.org/C163985040","wikidata":"https://www.wikidata.org/wiki/Q1172399","display_name":"Data acquisition","level":2,"score":0.26969999074935913},{"id":"https://openalex.org/C50644808","wikidata":"https://www.wikidata.org/wiki/Q192776","display_name":"Artificial neural network","level":2,"score":0.2619999945163727},{"id":"https://openalex.org/C130963320","wikidata":"https://www.wikidata.org/wiki/Q1401207","display_name":"Root cause analysis","level":2,"score":0.2614000141620636},{"id":"https://openalex.org/C145804949","wikidata":"https://www.wikidata.org/wiki/Q478123","display_name":"Situation awareness","level":2,"score":0.26089999079704285},{"id":"https://openalex.org/C200749887","wikidata":"https://www.wikidata.org/wiki/Q1165574","display_name":"System monitoring","level":2,"score":0.25920000672340393},{"id":"https://openalex.org/C33933514","wikidata":"https://www.wikidata.org/wiki/Q525443","display_name":"Distributed control system","level":3,"score":0.2590000033378601},{"id":"https://openalex.org/C2779697362","wikidata":"https://www.wikidata.org/wiki/Q390516","display_name":"Control room","level":2,"score":0.25450000166893005}],"mesh":[],"locations_count":7,"locations":[{"id":"doi:10.1007/978-3-030-12786-2_1","is_oa":false,"landing_page_url":"https://doi.org/10.1007/978-3-030-12786-2_1","pdf_url":null,"source":{"id":"https://openalex.org/S106296714","display_name":"Lecture notes in computer science","issn_l":"0302-9743","issn":["0302-9743","1611-3349"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"book series"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Lecture Notes in Computer Science","raw_type":"book-chapter"},{"id":"pmh:oai:rke.abertay.ac.uk:openaire_cris_publications/d8fc6652-8cec-4682-908b-6d0822ed5cf9","is_oa":true,"landing_page_url":"https://rke.abertay.ac.uk/en/publications/d8fc6652-8cec-4682-908b-6d0822ed5cf9","pdf_url":null,"source":{"id":"https://openalex.org/S4306402526","display_name":"Abertay Research Portal (Abertay University)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I877506347","host_organization_name":"Abertay University","host_organization_lineage":["https://openalex.org/I877506347"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"acceptedVersion","is_accepted":true,"is_published":false,"raw_source_name":"Hindy, H, Brosset, D, Bayne, E, Seeam, A & Bellekens, X 2019, Improving SIEM for critical SCADA water infrastructures using machine learning. in S K Katsikas, F Cuppens, N Cuppens, C Lambrinoudakis, A Ant\u00f3n, S Gritzalis, J Mylopoulos & C Kalloniatis (eds), Computer security : ESORICS 2018 International Workshops, CyberICPS 2018 and SECPRE 2018, Barcelona, Spain, September 6\u20137, 2018, revised selected papers. Lecture Notes in Computer Science, vol. 11387, pp. 3-19, International Workshop on the Security of Industrial Control Systems and Cyber-Physical Systems, Barcelona, Spain, 6/09/18. https://doi.org/10.1007/978-3-030-12786-2_1","raw_type":"info:eu-repo/semantics/conferenceObject"},{"id":"pmh:oai:arXiv.org:1904.05724","is_oa":true,"landing_page_url":"http://arxiv.org/abs/1904.05724","pdf_url":"https://arxiv.org/pdf/1904.05724","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"},{"id":"pmh:oai:HAL:hal-02139453v1","is_oa":false,"landing_page_url":"https://hal.science/hal-02139453","pdf_url":null,"source":{"id":"https://openalex.org/S4306402512","display_name":"HAL (Le Centre pour la Communication Scientifique Directe)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I1294671590","host_organization_name":"Centre National de la Recherche Scientifique","host_organization_lineage":["https://openalex.org/I1294671590"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Computer Security ESORICS 2018 International Workshops, CyberICPS 2018 and SECPRE 2018, Barcelona, Spain, September 6\u20137, 2018, Revised Selected Papers, Springer International Publishing, pp.3-19, 2019, 978-3-030-12785-5. &#x27E8;10.1007/978-3-030-12786-2_1&#x27E9;","raw_type":"Book sections"},{"id":"pmh:oai:eprints.mdx.ac.uk:36110","is_oa":false,"landing_page_url":"https://eprints.mdx.ac.uk/36110/","pdf_url":null,"source":{"id":"https://openalex.org/S4306400025","display_name":"Middlesex University Research Repository (Middlesex University Of London)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I60488453","host_organization_name":"Middlesex University","host_organization_lineage":["https://openalex.org/I60488453"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Conference or Workshop Item"},{"id":"pmh:oai:oskar-bordeaux.fr:20.500.12278/76738","is_oa":false,"landing_page_url":"https://oskar-bordeaux.fr/handle/20.500.12278/76738","pdf_url":null,"source":{"id":"https://openalex.org/S4306402569","display_name":"Oskar-Bordeaux (Universite de Bordeaux)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Computer SecurityESORICS 2018 International Workshops, CyberICPS 2018 and SECPRE 2018, Barcelona, Spain, September 6\u20137, 2018, Revised Selected Papers","raw_type":"Chapitre d'ouvrage"},{"id":"pmh:oai:sam.ensam.eu:10985/15039","is_oa":true,"landing_page_url":"http://hdl.handle.net/10985/15039","pdf_url":null,"source":{"id":"https://openalex.org/S4306400009","display_name":"SAM, the Arts et M\u00e9tiers ParisTech open access repository (Paris Institute of Technology)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I190752583","host_organization_name":"ParisTech","host_organization_lineage":["https://openalex.org/I190752583"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://hdl.handle.net/10985/15039","raw_type":null}],"best_oa_location":{"id":"pmh:oai:rke.abertay.ac.uk:openaire_cris_publications/d8fc6652-8cec-4682-908b-6d0822ed5cf9","is_oa":true,"landing_page_url":"https://rke.abertay.ac.uk/en/publications/d8fc6652-8cec-4682-908b-6d0822ed5cf9","pdf_url":null,"source":{"id":"https://openalex.org/S4306402526","display_name":"Abertay Research Portal (Abertay University)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I877506347","host_organization_name":"Abertay University","host_organization_lineage":["https://openalex.org/I877506347"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"acceptedVersion","is_accepted":true,"is_published":false,"raw_source_name":"Hindy, H, Brosset, D, Bayne, E, Seeam, A & Bellekens, X 2019, Improving SIEM for critical SCADA water infrastructures using machine learning. in S K Katsikas, F Cuppens, N Cuppens, C Lambrinoudakis, A Ant\u00f3n, S Gritzalis, J Mylopoulos & C Kalloniatis (eds), Computer security : ESORICS 2018 International Workshops, CyberICPS 2018 and SECPRE 2018, Barcelona, Spain, September 6\u20137, 2018, revised selected papers. Lecture Notes in Computer Science, vol. 11387, pp. 3-19, International Workshop on the Security of Industrial Control Systems and Cyber-Physical Systems, Barcelona, Spain, 6/09/18. https://doi.org/10.1007/978-3-030-12786-2_1","raw_type":"info:eu-repo/semantics/conferenceObject"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":24,"referenced_works":["https://openalex.org/W1590183771","https://openalex.org/W2038865613","https://openalex.org/W2039427951","https://openalex.org/W2041587044","https://openalex.org/W2056451850","https://openalex.org/W2063260786","https://openalex.org/W2142537768","https://openalex.org/W2154971967","https://openalex.org/W2161630727","https://openalex.org/W2399043755","https://openalex.org/W2498119267","https://openalex.org/W2570433379","https://openalex.org/W2591112181","https://openalex.org/W2736616122","https://openalex.org/W2756084950","https://openalex.org/W2766872361","https://openalex.org/W2774169481","https://openalex.org/W2803518490","https://openalex.org/W2804215072","https://openalex.org/W2964216554","https://openalex.org/W3141455185","https://openalex.org/W4246198815","https://openalex.org/W6635036666","https://openalex.org/W6978135970"],"related_works":[],"abstract_inverted_index":null,"counts_by_year":[{"year":2026,"cited_by_count":2},{"year":2025,"cited_by_count":3},{"year":2024,"cited_by_count":5},{"year":2023,"cited_by_count":4},{"year":2022,"cited_by_count":2},{"year":2021,"cited_by_count":5},{"year":2020,"cited_by_count":1},{"year":2019,"cited_by_count":1}],"updated_date":"2026-06-04T09:04:59.091469","created_date":"2020-05-13T00:00:00"}