{"id":"https://openalex.org/W4390872308","doi":"https://doi.org/10.1109/tsmc.2023.3345254","title":"ANDVI: Automated Network Device and Vulnerability Identification in SCADA/ICS by Passive Monitoring","display_name":"ANDVI: Automated Network Device and Vulnerability Identification in SCADA/ICS by Passive Monitoring","publication_year":2024,"publication_date":"2024-01-15","ids":{"openalex":"https://openalex.org/W4390872308","doi":"https://doi.org/10.1109/tsmc.2023.3345254"},"language":"en","primary_location":{"id":"doi:10.1109/tsmc.2023.3345254","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tsmc.2023.3345254","pdf_url":null,"source":{"id":"https://openalex.org/S4210209078","display_name":"IEEE Transactions on Systems Man and Cybernetics Systems","issn_l":"2168-2216","issn":["2168-2216","2168-2232"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Systems, Man, and Cybernetics: Systems","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5081594342","display_name":"Alaa T. Al Ghazo","orcid":"https://orcid.org/0000-0001-7029-4487"},"institutions":[{"id":"https://openalex.org/I157392197","display_name":"Hashemite University","ror":"https://ror.org/04a1r5z94","country_code":"JO","type":"education","lineage":["https://openalex.org/I157392197"]}],"countries":["JO"],"is_corresponding":true,"raw_author_name":"Alaa T. AL Ghazo","raw_affiliation_strings":["Department of Mechatronics Engineering, Faculty of Engineering, The Hashemite University, Zarqa, Jordan"],"raw_orcid":"https://orcid.org/0000-0001-7029-4487","affiliations":[{"raw_affiliation_string":"Department of Mechatronics Engineering, Faculty of Engineering, The Hashemite University, Zarqa, Jordan","institution_ids":["https://openalex.org/I157392197"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5044031773","display_name":"Ratnesh Kumar","orcid":"https://orcid.org/0000-0003-3974-5790"},"institutions":[{"id":"https://openalex.org/I173911158","display_name":"Iowa State University","ror":"https://ror.org/04rswrd78","country_code":"US","type":"education","lineage":["https://openalex.org/I173911158"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Ratnesh Kumar","raw_affiliation_strings":["Department of Electrical and Computer Engineering, Iowa State University, Ames, IA, USA"],"raw_orcid":"https://orcid.org/0000-0003-3974-5790","affiliations":[{"raw_affiliation_string":"Department of Electrical and Computer Engineering, Iowa State University, Ames, IA, USA","institution_ids":["https://openalex.org/I173911158"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5081594342"],"corresponding_institution_ids":["https://openalex.org/I157392197"],"apc_list":null,"apc_paid":null,"fwci":4.6541,"has_fulltext":false,"cited_by_count":15,"citation_normalized_percentile":{"value":0.95091538,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":96,"max":99},"biblio":{"volume":"54","issue":"4","first_page":"2539","last_page":"2550"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10917","display_name":"Smart Grid Security and Resilience","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/2207","display_name":"Control and Systems Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10917","display_name":"Smart Grid Security and Resilience","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/2207","display_name":"Control and Systems Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9990000128746033,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9972000122070312,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/scada","display_name":"SCADA","score":0.9636399745941162},{"id":"https://openalex.org/keywords/modbus","display_name":"Modbus","score":0.9152121543884277},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6472328901290894},{"id":"https://openalex.org/keywords/python","display_name":"Python (programming language)","score":0.631430983543396},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.506117045879364},{"id":"https://openalex.org/keywords/embedded-system","display_name":"Embedded system","score":0.44018465280532837},{"id":"https://openalex.org/keywords/critical-infrastructure","display_name":"Critical infrastructure","score":0.41991788148880005},{"id":"https://openalex.org/keywords/real-time-computing","display_name":"Real-time computing","score":0.39520394802093506},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.3768705725669861},{"id":"https://openalex.org/keywords/database","display_name":"Database","score":0.3742029368877411},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.29917478561401367},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.22465309500694275},{"id":"https://openalex.org/keywords/communications-protocol","display_name":"Communications protocol","score":0.17702531814575195},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.17354273796081543}],"concepts":[{"id":"https://openalex.org/C113863187","wikidata":"https://www.wikidata.org/wiki/Q17498","display_name":"SCADA","level":2,"score":0.9636399745941162},{"id":"https://openalex.org/C2776666747","wikidata":"https://www.wikidata.org/wiki/Q1135322","display_name":"Modbus","level":3,"score":0.9152121543884277},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6472328901290894},{"id":"https://openalex.org/C519991488","wikidata":"https://www.wikidata.org/wiki/Q28865","display_name":"Python (programming language)","level":2,"score":0.631430983543396},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.506117045879364},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.44018465280532837},{"id":"https://openalex.org/C29852176","wikidata":"https://www.wikidata.org/wiki/Q373338","display_name":"Critical infrastructure","level":2,"score":0.41991788148880005},{"id":"https://openalex.org/C79403827","wikidata":"https://www.wikidata.org/wiki/Q3988","display_name":"Real-time computing","level":1,"score":0.39520394802093506},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3768705725669861},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.3742029368877411},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.29917478561401367},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.22465309500694275},{"id":"https://openalex.org/C12269588","wikidata":"https://www.wikidata.org/wiki/Q132364","display_name":"Communications protocol","level":2,"score":0.17702531814575195},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.17354273796081543},{"id":"https://openalex.org/C119599485","wikidata":"https://www.wikidata.org/wiki/Q43035","display_name":"Electrical engineering","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/tsmc.2023.3345254","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tsmc.2023.3345254","pdf_url":null,"source":{"id":"https://openalex.org/S4210209078","display_name":"IEEE Transactions on Systems Man and Cybernetics Systems","issn_l":"2168-2216","issn":["2168-2216","2168-2232"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Systems, Man, and Cybernetics: Systems","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/6","display_name":"Clean water and sanitation","score":0.8399999737739563}],"awards":[{"id":"https://openalex.org/G6292047413","display_name":null,"funder_award_id":"NSF-PFI-2141084","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G8778038834","display_name":null,"funder_award_id":"NSF-CSSI-2004766","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"},{"id":"https://openalex.org/F4320309503","display_name":"Rockwell Collins","ror":"https://ror.org/025vwbe15"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":23,"referenced_works":["https://openalex.org/W156594575","https://openalex.org/W1580326605","https://openalex.org/W1983442091","https://openalex.org/W2025826947","https://openalex.org/W2109425435","https://openalex.org/W2154971967","https://openalex.org/W2176849474","https://openalex.org/W2285762765","https://openalex.org/W2288614997","https://openalex.org/W2507560392","https://openalex.org/W2594407098","https://openalex.org/W2787262922","https://openalex.org/W2945624265","https://openalex.org/W2946894978","https://openalex.org/W3005848420","https://openalex.org/W3037527366","https://openalex.org/W4256497308","https://openalex.org/W4321454754","https://openalex.org/W4324046769","https://openalex.org/W4377000443","https://openalex.org/W4386472820","https://openalex.org/W6724994265","https://openalex.org/W6734159912"],"related_works":["https://openalex.org/W2117726577","https://openalex.org/W2361898737","https://openalex.org/W2115322934","https://openalex.org/W3011157599","https://openalex.org/W3030741396","https://openalex.org/W2765702057","https://openalex.org/W2480100730","https://openalex.org/W2499998484","https://openalex.org/W3013388283","https://openalex.org/W2265199518"],"abstract_inverted_index":{"Supervisory":[0],"control":[1,8],"and":[2,6,20,28,39,50,77,87,105,132,136,154,157,175,207],"data":[3,111],"acquisition":[4],"(SCADA)":[5],"industrial":[7],"systems":[9,209],"(ICSs)":[10],"are":[11],"designed":[12],"to":[13,36,46,96,140,171,183,187,198,210],"operate":[14],"for":[15,68],"extended":[16],"periods":[17],"of":[18,180],"time":[19],"can":[21,34,42,54,167],"withstand":[22],"extreme":[23],"conditions.":[24],"However,":[25],"operators,":[26],"engineers,":[27],"offices":[29],"change":[30],"over":[31],"time,":[32],"which":[33,53],"lead":[35],"outdated":[37],"documentation":[38],"references.":[40],"This":[41],"make":[43],"it":[44],"difficult":[45],"identify":[47,97,141,176],"system":[48,70,119,203],"components":[49,71,204],"their":[51,212],"vulnerabilities,":[52],"pose":[55],"a":[56],"security":[57],"risk.":[58],"In":[59],"this":[60],"article,":[61],"we":[62,166],"present":[63],"an":[64],"automated":[65,150],"passive":[66],"method":[67],"identifying":[69,202],"based":[72],"on":[73,149],"network":[74,78],"traffic":[75],"structure":[76],"message":[79],"characteristics.":[80],"The":[81,99,192],"proposed":[82,193],"approach":[83],"considers":[84],"both":[85],"TCP/IP":[86],"Modbus,":[88],"the":[89,114,118,124,127,133,177,189],"two":[90],"primary":[91],"communication":[92],"protocols":[93],"in":[94,103,185,201,205],"SCADA,":[95],"devices.":[98],"algorithm":[100,125],"was":[101],"implemented":[102],"Python":[104],"evaluated":[106],"using":[107],"water":[108],"treatment":[109],"SCADA":[110,206],"collected":[112],"from":[113],"iTrust":[115],"facility.":[116],"Once":[117],"devices":[120],"have":[121],"been":[122,196],"identified,":[123],"queries":[126],"National":[128],"Vulnerability":[129],"Database":[130],"(NVD)":[131],"Common":[134],"Vulnerabilities":[135],"Exposures":[137],"(CVE)":[138],"databases":[139],"each":[142],"device\u2019s":[143],"known":[144],"vulnerabilities.":[145],"Using":[146],"our":[147],"research":[148],"attack":[151,173],"graph":[152],"generation":[153],"visualization":[155],"(A2G2V)":[156],"strongly":[158],"connected":[159],"component":[160],"induced":[161],"min":[162],"label":[163],"cut":[164],"(SCCiMLC),":[165],"map":[168],"device":[169,181],"vulnerabilities":[170,182],"system-level":[172],"graphs":[174],"bare":[178],"minimum":[179],"mitigate":[184],"order":[186],"secure":[188],"entire":[190],"system.":[191],"technique":[194],"has":[195],"demonstrated":[197],"be":[199],"beneficial":[200],"ICS":[208],"increase":[211],"security.":[213]},"counts_by_year":[{"year":2026,"cited_by_count":3},{"year":2025,"cited_by_count":9},{"year":2024,"cited_by_count":3}],"updated_date":"2026-05-05T08:41:31.759640","created_date":"2025-10-10T00:00:00"}