Supervisory Control and Data Acquisition (SCADA) networks are commonly deployed to aid the operation of large industrial facilities. The polling mechanism used to retrieve data from field devices causes the data transmission to be highly periodic. In this paper, we propose an approach that exploits traffic periodicity to detect traffic anomalies, which represent potential intrusion attempts. We present a proof of concept to show the feasibility of our approach.
展开▼
