{"id":"https://openalex.org/W134566909","doi":"https://doi.org/10.1007/978-3-642-45330-4_6","title":"A Distributed Real-Time Event Correlation Architecture for SCADA Security","display_name":"A Distributed Real-Time Event Correlation Architecture for SCADA Security","publication_year":2013,"publication_date":"2013-01-01","ids":{"openalex":"https://openalex.org/W134566909","doi":"https://doi.org/10.1007/978-3-642-45330-4_6","mag":"134566909"},"language":"en","primary_location":{"id":"doi:10.1007/978-3-642-45330-4_6","is_oa":true,"landing_page_url":"https://doi.org/10.1007/978-3-642-45330-4_6","pdf_url":"https://link.springer.com/content/pdf/10.1007%2F978-3-642-45330-4_6.pdf","source":{"id":"https://openalex.org/S4210185096","display_name":"IFIP advances in information and communication technology","issn_l":"1868-422X","issn":["1868-422X","1868-4238"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"book series"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IFIP Advances in Information and Communication Technology","raw_type":"book-chapter"},"type":"book-chapter","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"bronze","oa_url":"https://link.springer.com/content/pdf/10.1007%2F978-3-642-45330-4_6.pdf","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5101717929","display_name":"Yi Deng","orcid":"https://orcid.org/0000-0002-9316-6880"},"institutions":[{"id":"https://openalex.org/I859038795","display_name":"Virginia Tech","ror":"https://ror.org/02smfhw86","country_code":"US","type":"education","lineage":["https://openalex.org/I859038795"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Yi Deng","raw_affiliation_strings":["Arlington Research Center, Virginia Polytechnic Institute and State University, Arlington, Virginia, USA"],"affiliations":[{"raw_affiliation_string":"Arlington Research Center, Virginia Polytechnic Institute and State University, Arlington, Virginia, USA","institution_ids":["https://openalex.org/I859038795"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5021517996","display_name":"Sandeep K. Shukla","orcid":"https://orcid.org/0000-0001-5525-7426"},"institutions":[{"id":"https://openalex.org/I859038795","display_name":"Virginia Tech","ror":"https://ror.org/02smfhw86","country_code":"US","type":"education","lineage":["https://openalex.org/I859038795"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Sandeep Shukla","raw_affiliation_strings":["Arlington Research Center, Virginia Polytechnic Institute and State University, Arlington, Virginia, USA"],"affiliations":[{"raw_affiliation_string":"Arlington Research Center, Virginia Polytechnic Institute and State University, Arlington, Virginia, USA","institution_ids":["https://openalex.org/I859038795"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5101717929"],"corresponding_institution_ids":["https://openalex.org/I859038795"],"apc_list":null,"apc_paid":null,"fwci":3.3386,"has_fulltext":true,"cited_by_count":7,"citation_normalized_percentile":{"value":0.91082971,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"81","last_page":"93"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10917","display_name":"Smart Grid Security and Resilience","score":0.9991999864578247,"subfield":{"id":"https://openalex.org/subfields/2207","display_name":"Control and Systems Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9958000183105469,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/scada","display_name":"SCADA","score":0.7458068132400513},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6930505037307739},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.6185302138328552},{"id":"https://openalex.org/keywords/situation-awareness","display_name":"Situation awareness","score":0.5815224051475525},{"id":"https://openalex.org/keywords/event","display_name":"Event (particle physics)","score":0.5783832669258118},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5221955180168152},{"id":"https://openalex.org/keywords/complex-event-processing","display_name":"Complex event processing","score":0.46053388714790344},{"id":"https://openalex.org/keywords/resilience","display_name":"Resilience (materials science)","score":0.4512575566768646},{"id":"https://openalex.org/keywords/distributed-computing","display_name":"Distributed computing","score":0.43708446621894836},{"id":"https://openalex.org/keywords/real-time-computing","display_name":"Real-time computing","score":0.3676910400390625},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.1977834701538086},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.12746942043304443},{"id":"https://openalex.org/keywords/process","display_name":"Process (computing)","score":0.12225428223609924}],"concepts":[{"id":"https://openalex.org/C113863187","wikidata":"https://www.wikidata.org/wiki/Q17498","display_name":"SCADA","level":2,"score":0.7458068132400513},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6930505037307739},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.6185302138328552},{"id":"https://openalex.org/C145804949","wikidata":"https://www.wikidata.org/wiki/Q478123","display_name":"Situation awareness","level":2,"score":0.5815224051475525},{"id":"https://openalex.org/C2779662365","wikidata":"https://www.wikidata.org/wiki/Q5416694","display_name":"Event (particle physics)","level":2,"score":0.5783832669258118},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5221955180168152},{"id":"https://openalex.org/C123606473","wikidata":"https://www.wikidata.org/wiki/Q907918","display_name":"Complex event processing","level":3,"score":0.46053388714790344},{"id":"https://openalex.org/C2779585090","wikidata":"https://www.wikidata.org/wiki/Q3457762","display_name":"Resilience (materials science)","level":2,"score":0.4512575566768646},{"id":"https://openalex.org/C120314980","wikidata":"https://www.wikidata.org/wiki/Q180634","display_name":"Distributed computing","level":1,"score":0.43708446621894836},{"id":"https://openalex.org/C79403827","wikidata":"https://www.wikidata.org/wiki/Q3988","display_name":"Real-time computing","level":1,"score":0.3676910400390625},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.1977834701538086},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.12746942043304443},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.12225428223609924},{"id":"https://openalex.org/C146978453","wikidata":"https://www.wikidata.org/wiki/Q3798668","display_name":"Aerospace engineering","level":1,"score":0.0},{"id":"https://openalex.org/C119599485","wikidata":"https://www.wikidata.org/wiki/Q43035","display_name":"Electrical engineering","level":1,"score":0.0},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0},{"id":"https://openalex.org/C62520636","wikidata":"https://www.wikidata.org/wiki/Q944","display_name":"Quantum mechanics","level":1,"score":0.0},{"id":"https://openalex.org/C97355855","wikidata":"https://www.wikidata.org/wiki/Q11473","display_name":"Thermodynamics","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1007/978-3-642-45330-4_6","is_oa":true,"landing_page_url":"https://doi.org/10.1007/978-3-642-45330-4_6","pdf_url":"https://link.springer.com/content/pdf/10.1007%2F978-3-642-45330-4_6.pdf","source":{"id":"https://openalex.org/S4210185096","display_name":"IFIP advances in information and communication technology","issn_l":"1868-422X","issn":["1868-422X","1868-4238"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"book series"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IFIP Advances in Information and Communication Technology","raw_type":"book-chapter"},{"id":"pmh:oai:HAL:hal-01456894v1","is_oa":true,"landing_page_url":"https://inria.hal.science/hal-01456894","pdf_url":null,"source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"7th International Conference on Critical Infrastructure Protection (ICCIP), Mar 2013, Washington, DC, United States. pp.81-93, &#x27E8;10.1007/978-3-642-45330-4_6&#x27E9;","raw_type":"Conference papers"}],"best_oa_location":{"id":"doi:10.1007/978-3-642-45330-4_6","is_oa":true,"landing_page_url":"https://doi.org/10.1007/978-3-642-45330-4_6","pdf_url":"https://link.springer.com/content/pdf/10.1007%2F978-3-642-45330-4_6.pdf","source":{"id":"https://openalex.org/S4210185096","display_name":"IFIP advances in information and communication technology","issn_l":"1868-422X","issn":["1868-422X","1868-4238"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"book series"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IFIP Advances in Information and Communication Technology","raw_type":"book-chapter"},"sustainable_development_goals":[{"display_name":"Industry, innovation and infrastructure","score":0.6100000143051147,"id":"https://metadata.un.org/sdg/9"}],"awards":[],"funders":[],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W134566909.pdf","grobid_xml":"https://content.openalex.org/works/W134566909.grobid-xml"},"referenced_works_count":18,"referenced_works":["https://openalex.org/W24212771","https://openalex.org/W590277682","https://openalex.org/W1151626334","https://openalex.org/W1510812866","https://openalex.org/W1642161466","https://openalex.org/W2007087405","https://openalex.org/W2130673717","https://openalex.org/W2143411673","https://openalex.org/W2144897249","https://openalex.org/W2167118600","https://openalex.org/W2170511342","https://openalex.org/W2499354178","https://openalex.org/W2599014521","https://openalex.org/W2790622811","https://openalex.org/W2791026616","https://openalex.org/W3142860917","https://openalex.org/W3149690933","https://openalex.org/W3150565301"],"related_works":["https://openalex.org/W2615977515","https://openalex.org/W2115760278","https://openalex.org/W2146396794","https://openalex.org/W2807864071","https://openalex.org/W2809162650","https://openalex.org/W2388279172","https://openalex.org/W2617238897","https://openalex.org/W4386714408","https://openalex.org/W2621674343","https://openalex.org/W2096781418"],"abstract_inverted_index":{"Supervisory":[0],"control":[1],"and":[2,11,29,97,100,121],"data":[3],"acquisition":[4],"(SCADA)":[5],"systems":[6,14,24],"require":[7,56],"real-time":[8,117,142],"threat":[9,78],"monitoring":[10],"early":[12],"warning":[13],"to":[15,25,30,102,134,140],"identify":[16,26,103],"cyber":[17,36,77],"attacks.":[18],"Organizations":[19],"typically":[20],"employ":[21],"intrusion":[22,41,53],"detection":[23,42,54,144],"attack":[27,143],"events":[28,46,61,92],"provide":[31],"situational":[32],"awareness.":[33],"However,":[34],"as":[35],"attacks":[37,87,104],"become":[38],"more":[39],"sophisticated,":[40],"signatures":[43],"of":[44,59,105],"single":[45],"are":[47,63,88],"no":[48],"longer":[49],"adequate.":[50],"Indeed,":[51],"effective":[52],"solutions":[55],"the":[57,95],"correlation":[58,74,120],"multiple":[60],"that":[62],"temporally":[64],"and/or":[65],"spatially":[66],"separated.":[67],"This":[68],"paper":[69,110],"proposes":[70],"an":[71],"innovative":[72],"event":[73,84,118],"mechanism":[75],"for":[76,116],"detection,":[79],"which":[80,129],"engages":[81],"a":[82,106,113,126],"semantic":[83],"hierarchy.":[85],"Cyber":[86],"specified":[89],"via":[90],"low-level":[91],"detected":[93],"in":[94,138],"communications":[96,148],"computing":[98,132],"infrastructure":[99],"correlated":[101],"broader":[107],"scope.":[108],"The":[109,123],"also":[111],"describes":[112],"distributed":[114,135],"architecture":[115,124],"capture,":[119],"dissemination.":[122],"employs":[125],"publish/subscribe":[127],"mechanism,":[128],"decentralizes":[130],"limited":[131],"resources":[133],"field":[136],"agents":[137],"order":[139],"enhance":[141],"while":[145],"limiting":[146],"unnecessary":[147],"overhead.":[149]},"counts_by_year":[{"year":2020,"cited_by_count":1},{"year":2019,"cited_by_count":1},{"year":2016,"cited_by_count":1},{"year":2015,"cited_by_count":4}],"updated_date":"2026-03-20T23:20:44.827607","created_date":"2025-10-10T00:00:00"}