Novel Intrusion Detection Mechanism with Low Overhead for SCADA Systems

Leandros Maglaras, Helge Janicke, Jianmin Jiang, Andrew Crampton

Research output: Chapter in Book/Report/Conference proceedingChapterpeer-review

8 Citations (Scopus)

Abstract

SCADA (Supervisory Control and Data Acquisition) systems are a critical part of modern national critical infrastructure (CI) systems. Due to the rapid increase of sophisticated cyber threats with exponentially destructive effects, intrusion detection systems (IDS) must systematically evolve. Specific intrusion detection systems that reassure both high accuracy, low rate of false alarms and decreased overhead on the network traffic must be designed for SCADA systems. In this book chapter we present a novel IDS, namely K-OCSVM, that combines both the capability of detecting novel attacks with high accuracy, due to its core One-Class Support Vector Machine (OCSVM) classification mechanism and the ability to effectively distinguish real alarms from possible attacks under different circumstances, due to its internal recursive k-means clustering algorithm. The effectiveness of the proposed method is evaluated through extensive simulations that are conducted using realistic datasets extracted from small and medium sized HTB SCADA testbeds.
Original languageEnglish
Title of host publicationSecurity Solutions and Applied Cryptography in Smart Grid Communications
Subtitle of host publicationAdvances in Information Security, Privacy, and Ethics
EditorsMohamed Amine Ferrag, Ahmed Ahmim
PublisherIGI Global
Pages160-178
Number of pages19
ISBN (Electronic)9781522518303
ISBN (Print)9781522518297
DOIs
Publication statusPublished - 2017

Publication series

NameSecurity Solutions and Applied Cryptography in Smart Grid Communications
ISSN (Print)1948-9730
ISSN (Electronic)1948-9749

Fingerprint

Dive into the research topics of 'Novel Intrusion Detection Mechanism with Low Overhead for SCADA Systems'. Together they form a unique fingerprint.

Cite this