Exploration of the Potential of Process Mining for Intrusion Detection in Smart Metering
Process mining is a set of data mining techniques that learn and analyze processes based on event logs. While process mining has recently been proposed for intrusion detection in business processes, it has never been applied to smart metering processes. The goal of this paper is to explore the potential of process mining for the detection of intrusions into smart metering systems. As a case study the remote shutdown process has been modeled and a threat analysis was conducted leading to an extensive attack tree. It is shown that currently proposed process mining techniques based on conformance checking do not suffice to find all attacks of the attack tree; an inclusion of additional perspectives is necessary. Consequences for the design of a realistic testing environment based on simulations are discussed.
Top
- Eibl, Günther
- Ferner, Cornelia
- Hildebrandt, Tobias
- Stertz, Florian
- Burkhart, Sebastian
- Rinderle-Ma, Stefanie
- Engel, Dominik
Top
Category |
Paper in Conference Proceedings or in Workshop Proceedings (Full Paper in Proceedings) |
Event Title |
3rd International Conference on Information Systems Security and Privacy (ICISSP) 2017 |
Divisions |
Workflow Systems and Technology |
Event Location |
Porto, Portugal |
Event Type |
Conference |
Event Dates |
19 - 21 February 2017 |
Date |
February 2017 |
Export |
Top
