Skip to main content

Research Repository

Advanced Search

Novel Intrusion Detection Mechanism with Low Overhead for SCADA Systems

Maglaras, Leandros; Janicke, Helge; Jiang, Jianmin; Crampton, Andrew

Authors

Helge Janicke

Jianmin Jiang

Andrew Crampton



Abstract

SCADA (Supervisory Control and Data Acquisition) systems are a critical part of modern national critical infrastructure (CI) systems. Due to the rapid increase of sophisticated cyber threats with exponentially destructive effects, intrusion detection systems (IDS) must systematically evolve. Specific intrusion detection systems that reassure both high accuracy, low rate of false alarms and decreased overhead on the network traffic must be designed for SCADA systems. In this book chapter we present a novel IDS, namely K-OCSVM, that combines both the capability of detecting novel attacks with high accuracy, due to its core One-Class Support Vector Machine (OCSVM) classification mechanism and the ability to effectively distinguish real alarms from possible attacks under different circumstances, due to its internal recursive k-means clustering algorithm. The effectiveness of the proposed method is evaluated through extensive simulations that are conducted using realistic datasets extracted from small and medium sized HTB SCADA testbeds.

Publication Date Sep 6, 2019
Deposit Date Jan 6, 2023
Publisher IGI Global
Pages 299-318
Book Title Securing the Internet of Things: Concepts, Methodologies, Tools, and Applications
ISBN 9781522598664
DOI https://doi.org/10.4018/978-1-5225-9866-4.ch017
Public URL http://researchrepository.napier.ac.uk/Output/2969361