@inbook {IOPORT.05768087,
    author       = {Carcano, Andrea and Fovino, Igor Nai and Masera, Marcelo and Trombetta, Alberto},
    title        = {State-based network intrusion detection systems for SCADA protocols: A proof of concept.},
    year         = {2010},
    booktitle    = {Critical information infrastructures security. 4th international workshop, CRITIS 2009, Bonn, Germany, September 30 -- October 2, 2009. Revised papers},
    isbn         = {978-3-642-14378-6},
    pages        = {138-150},
    publisher    = {Berlin: Springer},
    doi          = {10.1007/978-3-642-14379-3_12},
    abstract     = {Summary: We present a novel Intrusion Detection System able to detect complex attacks to SCADA systems. By complex attack, we mean a set of commands (carried in Modbus packets) that, while licit when considered in isolation on a single-packet basis, interfere with the correct behavior of the system. The proposed IDS detects such attacks thanks to an internal representation of the controlled SCADA system and a corresponding rule language, powerful enough to express the system's critical states. Furthermore, we detail the implementation and provide experimental comparative results.},
    identifier   = {05768087},
}