{"id":"https://openalex.org/W2278122303","doi":"https://doi.org/10.1007/978-3-319-26567-4_6","title":"Traffic-Locality-Based Creation of Flow Whitelists for SCADA Networks","display_name":"Traffic-Locality-Based Creation of Flow Whitelists for SCADA Networks","publication_year":2015,"publication_date":"2015-01-01","ids":{"openalex":"https://openalex.org/W2278122303","doi":"https://doi.org/10.1007/978-3-319-26567-4_6","mag":"2278122303"},"language":"en","primary_location":{"id":"doi:10.1007/978-3-319-26567-4_6","is_oa":false,"landing_page_url":"https://doi.org/10.1007/978-3-319-26567-4_6","pdf_url":null,"source":{"id":"https://openalex.org/S4210185096","display_name":"IFIP advances in information and communication technology","issn_l":"1868-422X","issn":["1868-422X","1868-4238"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"book series"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IFIP Advances in Information and Communication Technology","raw_type":"book-chapter"},"type":"book-chapter","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://inria.hal.science/hal-01431015","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5071326404","display_name":"Seungoh Choi","orcid":null},"institutions":[{"id":"https://openalex.org/I4210118593","display_name":"Korean Association for Public Security Administration","ror":"https://ror.org/02d5yh638","country_code":"KR","type":"other","lineage":["https://openalex.org/I4210118593"]},{"id":"https://openalex.org/I4387156240","display_name":"National Security Research Institute","ror":"https://ror.org/01rg5mm74","country_code":"KR","type":"government","lineage":["https://openalex.org/I2801339556","https://openalex.org/I4210144908","https://openalex.org/I4387152098","https://openalex.org/I4387156240"]}],"countries":["KR"],"is_corresponding":false,"raw_author_name":"Seungoh Choi","raw_affiliation_strings":["National Security Research Institute, Daejeon, South Korea"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"National Security Research Institute, Daejeon, South Korea","institution_ids":["https://openalex.org/I4210118593","https://openalex.org/I4387156240"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5038602184","display_name":"Yeop Chang","orcid":"https://orcid.org/0000-0002-1329-5931"},"institutions":[{"id":"https://openalex.org/I4210118593","display_name":"Korean Association for Public Security Administration","ror":"https://ror.org/02d5yh638","country_code":"KR","type":"other","lineage":["https://openalex.org/I4210118593"]},{"id":"https://openalex.org/I4387156240","display_name":"National Security Research Institute","ror":"https://ror.org/01rg5mm74","country_code":"KR","type":"government","lineage":["https://openalex.org/I2801339556","https://openalex.org/I4210144908","https://openalex.org/I4387152098","https://openalex.org/I4387156240"]}],"countries":["KR"],"is_corresponding":false,"raw_author_name":"Yeop Chang","raw_affiliation_strings":["National Security Research Institute, Daejeon, South Korea"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"National Security Research Institute, Daejeon, South Korea","institution_ids":["https://openalex.org/I4210118593","https://openalex.org/I4387156240"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5112052807","display_name":"Jeong-Han Yun","orcid":null},"institutions":[{"id":"https://openalex.org/I4210118593","display_name":"Korean Association for Public Security Administration","ror":"https://ror.org/02d5yh638","country_code":"KR","type":"other","lineage":["https://openalex.org/I4210118593"]},{"id":"https://openalex.org/I4387156240","display_name":"National Security Research Institute","ror":"https://ror.org/01rg5mm74","country_code":"KR","type":"government","lineage":["https://openalex.org/I2801339556","https://openalex.org/I4210144908","https://openalex.org/I4387152098","https://openalex.org/I4387156240"]}],"countries":["KR"],"is_corresponding":false,"raw_author_name":"Jeong-Han Yun","raw_affiliation_strings":["National Security Research Institute, Daejeon, South Korea"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"National Security Research Institute, Daejeon, South Korea","institution_ids":["https://openalex.org/I4210118593","https://openalex.org/I4387156240"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5008512307","display_name":"Woonyon Kim","orcid":"https://orcid.org/0000-0002-3580-4231"},"institutions":[{"id":"https://openalex.org/I4210118593","display_name":"Korean Association for Public Security Administration","ror":"https://ror.org/02d5yh638","country_code":"KR","type":"other","lineage":["https://openalex.org/I4210118593"]},{"id":"https://openalex.org/I4387156240","display_name":"National Security Research Institute","ror":"https://ror.org/01rg5mm74","country_code":"KR","type":"government","lineage":["https://openalex.org/I2801339556","https://openalex.org/I4210144908","https://openalex.org/I4387152098","https://openalex.org/I4387156240"]}],"countries":["KR"],"is_corresponding":false,"raw_author_name":"Woonyon Kim","raw_affiliation_strings":["National Security Research Institute, Daejeon, South Korea"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"National Security Research Institute, Daejeon, South Korea","institution_ids":["https://openalex.org/I4210118593","https://openalex.org/I4387156240"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":2.8839,"has_fulltext":false,"cited_by_count":8,"citation_normalized_percentile":{"value":0.90327252,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":90,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"87","last_page":"102"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10714","display_name":"Software-Defined Networks and 5G","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10917","display_name":"Smart Grid Security and Resilience","score":0.9991999864578247,"subfield":{"id":"https://openalex.org/subfields/2207","display_name":"Control and Systems Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/scada","display_name":"SCADA","score":0.9767499566078186},{"id":"https://openalex.org/keywords/locality","display_name":"Locality","score":0.6774765253067017},{"id":"https://openalex.org/keywords/handshaking","display_name":"Handshaking","score":0.6435973048210144},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.5622825622558594},{"id":"https://openalex.org/keywords/software-deployment","display_name":"Software deployment","score":0.5480010509490967},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.5431957840919495},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.420513391494751},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.39839959144592285},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.28926149010658264},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.07773640751838684}],"concepts":[{"id":"https://openalex.org/C113863187","wikidata":"https://www.wikidata.org/wiki/Q17498","display_name":"SCADA","level":2,"score":0.9767499566078186},{"id":"https://openalex.org/C2779808786","wikidata":"https://www.wikidata.org/wiki/Q6664603","display_name":"Locality","level":2,"score":0.6774765253067017},{"id":"https://openalex.org/C58861099","wikidata":"https://www.wikidata.org/wiki/Q548838","display_name":"Handshaking","level":2,"score":0.6435973048210144},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5622825622558594},{"id":"https://openalex.org/C105339364","wikidata":"https://www.wikidata.org/wiki/Q2297740","display_name":"Software deployment","level":2,"score":0.5480010509490967},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.5431957840919495},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.420513391494751},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.39839959144592285},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.28926149010658264},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.07773640751838684},{"id":"https://openalex.org/C41895202","wikidata":"https://www.wikidata.org/wiki/Q8162","display_name":"Linguistics","level":1,"score":0.0},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0},{"id":"https://openalex.org/C119599485","wikidata":"https://www.wikidata.org/wiki/Q43035","display_name":"Electrical engineering","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1007/978-3-319-26567-4_6","is_oa":false,"landing_page_url":"https://doi.org/10.1007/978-3-319-26567-4_6","pdf_url":null,"source":{"id":"https://openalex.org/S4210185096","display_name":"IFIP advances in information and communication technology","issn_l":"1868-422X","issn":["1868-422X","1868-4238"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"book series"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IFIP Advances in Information and Communication Technology","raw_type":"book-chapter"},{"id":"pmh:oai:HAL:hal-01431015v1","is_oa":true,"landing_page_url":"https://inria.hal.science/hal-01431015","pdf_url":null,"source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"9th International Conference on Critical Infrastructure Protection (ICCIP), Mar 2015, Arlington, VA, United States. pp.87-102, &#x27E8;10.1007/978-3-319-26567-4_6&#x27E9;","raw_type":"Conference papers"}],"best_oa_location":{"id":"pmh:oai:HAL:hal-01431015v1","is_oa":true,"landing_page_url":"https://inria.hal.science/hal-01431015","pdf_url":null,"source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"9th International Conference on Critical Infrastructure Protection (ICCIP), Mar 2015, Arlington, VA, United States. pp.87-102, &#x27E8;10.1007/978-3-319-26567-4_6&#x27E9;","raw_type":"Conference papers"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/9","display_name":"Industry, innovation and infrastructure","score":0.4399999976158142}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":7,"referenced_works":["https://openalex.org/W2022405071","https://openalex.org/W2035095458","https://openalex.org/W2056944867","https://openalex.org/W2120400483","https://openalex.org/W2188955186","https://openalex.org/W2214032219","https://openalex.org/W4256497308"],"related_works":["https://openalex.org/W2615977515","https://openalex.org/W2115760278","https://openalex.org/W2882999853","https://openalex.org/W2146396794","https://openalex.org/W2809162650","https://openalex.org/W1997191995","https://openalex.org/W2807864071","https://openalex.org/W2388279172","https://openalex.org/W2059936816","https://openalex.org/W2278122303"],"abstract_inverted_index":{"The":[0,103],"security":[1],"of":[2,17,89],"supervisory":[3],"control":[4],"and":[5,30,68,92],"data":[6],"acquisition":[7],"(SCADA)":[8],"networks":[9,23],"has":[10,46],"attracted":[11],"considerable":[12],"attention":[13],"since":[14],"the":[15,79,108],"discovery":[16],"Stuxnet":[18],"in":[19,59,99,115],"2010.":[20],"Meanwhile,":[21],"SCADA":[22,52,60,101,116],"have":[24],"become":[25,47],"increasingly":[26],"interconnected":[27],"both":[28],"locally":[29],"remotely.":[31],"It":[32],"is,":[33],"therefore,":[34],"necessary":[35],"to":[36,73,95],"develop":[37],"effective":[38,111],"network":[39,57],"intrusion":[40,44],"detection":[41,45],"capabilities.":[42],"Whitelist-based":[43],"an":[48],"attractive":[49],"approach":[50],"for":[51,86,113],"networks.":[53,117],"However,":[54],"when":[55],"analyzing":[56],"traffic":[58],"systems,":[61],"general":[62],"properties":[63],"such":[64],"as":[65],"TCP":[66],"handshaking":[67],"common":[69],"ports":[70],"are":[71],"insufficient":[72],"create":[74],"flow":[75,90],"whitelists.":[76],"To":[77],"address":[78],"problem,":[80],"this":[81],"chapter":[82],"proposes":[83],"a":[84],"methodology":[85,109],"locality-based":[87],"creation":[88],"whitelists":[91,112],"conducts":[93],"experiments":[94],"evaluate":[96],"its":[97],"effectiveness":[98],"seven":[100],"systems.":[102],"experimental":[104],"results":[105],"demonstrate":[106],"that":[107],"generates":[110],"deployment":[114]},"counts_by_year":[{"year":2019,"cited_by_count":4},{"year":2018,"cited_by_count":1},{"year":2017,"cited_by_count":2},{"year":2016,"cited_by_count":1}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}