Abstract
SCADA (Supervisory Control and Data Acquisition) systems are a critical part of modern national critical infrastructure (CI) systems. Due to the rapid increase of sophisticated cyber threats with exponentially destructive effects, intrusion detection systems (IDS) must systematically evolve. Specific intrusion detection systems that reassure both high accuracy, low rate of false alarms and decreased overhead on the network traffic must be designed for SCADA systems. In this book chapter we present a novel IDS, namely K-OCSVM, that combines both the capability of detecting novel attacks with high accuracy, due to its core One-Class Support Vector Machine (OCSVM) classification mechanism and the ability to effectively distinguish real alarms from possible attacks under different circumstances, due to its internal recursive k-means clustering algorithm. The effectiveness of the proposed method is evaluated through extensive simulations that are conducted using realistic datasets extracted from small and medium sized HTB SCADA testbeds.
Original language | English |
---|---|
Title of host publication | Security Solutions and Applied Cryptography in Smart Grid Communications |
Subtitle of host publication | Advances in Information Security, Privacy, and Ethics |
Editors | Mohamed Amine Ferrag, Ahmed Ahmim |
Publisher | IGI Global |
Pages | 160-178 |
Number of pages | 19 |
ISBN (Electronic) | 9781522518303 |
ISBN (Print) | 9781522518297 |
DOIs | |
Publication status | Published - 2017 |
Publication series
Name | Security Solutions and Applied Cryptography in Smart Grid Communications |
---|---|
ISSN (Print) | 1948-9730 |
ISSN (Electronic) | 1948-9749 |
Fingerprint
Dive into the research topics of 'Novel Intrusion Detection Mechanism with Low Overhead for SCADA Systems'. Together they form a unique fingerprint.Profiles
-
Andrew Crampton
- Department of Computer Science - Professor
- Centre for Planning, Autonomy and Representation of Knowledge - Member
- Centre for Autonomous and Intelligent Systems - Member
- Centre for Cybersecurity - Affiliate
Person: Academic