Skip to main content

Research Repository

Advanced Search

Combining ensemble methods and social network metrics for improving accuracy of OCSVM on intrusion detection in SCADA systems

Maglaras, Leandros A.; Jiang, Jianmin; Cruz, Tiago J.

Authors

Jianmin Jiang

Tiago J. Cruz



Abstract

Modern Supervisory Control and Data Acquisition (SCADA) systems used by the electric utility industry to monitor and control electric power generation, transmission and distribution are recognized today as critical components of the electric power delivery infrastructure. SCADA systems are large, complex and incorporate increasing numbers of widely distributed components. The presence of a real time intrusion detection mechanism, which can cope with different types of attacks, is of great importance in order to defend a system against cyber attacks. This defense mechanism must be distributed, cheap and above all accurate, since false positive alarms or mistakes regarding the origin of the intrusion mean severe costs for the system. Recently an integrated detection mechanism, namely IT-OCSVM, was proposed, which is distributed in a SCADA network as a part of a distributed intrusion detection system (DIDS), providing accurate data about the origin and the time of an intrusion. In this paper we also analyze the architecture of the integrated detection mechanism and we perform extensive simulations based on real cyber attacks in a small SCADA testbed in order to evaluate the performance of the proposed mechanism.

Journal Article Type Article
Online Publication Date May 4, 2016
Publication Date 2016-10
Deposit Date Dec 13, 2022
Journal Journal of Information Security and Applications
Electronic ISSN 2214-2126
Publisher Elsevier
Peer Reviewed Peer Reviewed
Volume 30
Pages 15-26
DOI https://doi.org/10.1016/j.jisa.2016.04.002
Keywords OCSVM, Intrusion detection, SCADA systems, Social analysis
Public URL http://researchrepository.napier.ac.uk/Output/2969573