Intelligent Intrusion Detection Approach for SCADA System Protection
Abstract
In traditional intrusion detection systems (IDS) used for critical infrastructure protection, such as SCADA (Supervisory Control and Data Acquisition) systems, intrusion alerts are analyzed by human analysts (security analysts). They evaluate the alerts and take decisions accordingly. Nevertheless, this is an extremely difficult and time-consuming task, as the number of alerts generated could be quite large and the environment may also change rapidly. This makes automated detection techniques more efficient for intrusion detection than human analysts. This paper describes a new European Framework-7 funded research project, CockpitCI, and introduces an intelligent risk detection and analysis technique for Critical Infrastructures (CI). Results show that the proposed OCSVM (One Class Support Vector Machine) based intrusion detection approach can be effectively used to detect both known and unknown attacks.
Keywords: Critical infrastructures, Anomaly detection and Cyber-security.
Similar resources
Intrusion Detection via Machine Learning for SCADA System Protection
SCADA (Supervisory Control And Data Acquisition) systems have always been susceptible to cyber-attacks. Different types of cyber-attacks could occur depending on the architecture and configurations used in the SCADA system. To protect cyber infrastructure from above attacks a growing collaborative effort between cyber security professionals and researchers from private and academia has involved...
A Model-based Approach to Self-Protection in SCADA Systems
Supervisory Control and Data Acquisition (SCADA) systems, which are widely used in monitoring and controlling critical infrastructure sectors, are highly vulnerable to cyber attacks. Current security solutions can protect SCADA systems from known cyber assaults, but most solutions require human intervention. This paper applies autonomic computing technology to monitor SCADA system performance, ...
Intrusion Detection and Event Monitoring in SCADA Networks
This paper describes the implementation of a customized intrusion detection and event monitoring system for a SCADA/sensor testbed. The system raises alerts upon detecting potential unauthorized access and changes in device settings. By markedly increasing the logging of critical network events, the system shows dramatic improvements in both the security and overall auditing capabilities. In ad...
Using a Specification-based Intrusion Detection System to Extend the DNP3 Protocol with Security Functionalities
Modern SCADA systems are increasingly adopting Internet technologies to control distributed industrial assets. As proprietary communication protocols are increasingly being used over public networks without efficient protection mechanisms, it is increasingly easier for attackers to penetrate into the communication networks of companies that operate electrical power grids, water plants, and othe...
Hierarchical Online Intrusion Detection for SCADA Networks
We propose a novel hierarchical online intrusion detection system (HOIDS) for supervisory control and data acquisition (SCADA) networks based on machine learning algorithms. By utilizing the server-client topology while keeping clients distributed for global protection, high detection rate is achieved with minimum network impact. We implement accurate models of normal-abnormal binary detection ...