• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38B no.8
• /
• pp.641-653
• /
• 2013

Recent cyber attacks targeting control systems are getting sophisticated and intelligent notoriously. As the existing signature based detection techniques faced with their limitations, a whitelist model with security techniques is getting attention again. However, techniques that are being developed in a whitelist model used at the application level narrowly and cannot provide specific information about anomalism of various cases. In this paper, we classify abnormal cases that can occur in control systems of enterprises and propose a new whitelist model for detecting abnormal cases.