Biblio

Intentional attacks1 that cause country wide blackouts, gas and water systems malfunction are actions that can be carried out by a nation to impact on another nation in a mean of war. Supervisory control and data acquisition (SCADA) networks that allow for communication for the utilities companies were designed with no security in mind causing the systems that a nation relies on to fall vulnerable to exploitation. Since SCADA networks are static in nature with pre-defined signatures of network traffic, we propose to design an anomaly-based intrusion detection system to detect abnormality in SCADA network traffic and protocols. We gather normal SCADA network traffic via tapping on the network for 30 days and then attack the network using Denial of Service (DoS) attack, message spoofing attack and man-in-the middle attack. We then train a classifier with two classes, normal and abnormal and report the classifier accuracy in detecting abnormal SCADA network traffic.

The need for security1 continues to grow in distributed computing. Today's security solutions require greater scalability and convenience in cloud-computing architectures, in addition to the ability to store and process larger volumes of data to address very sophisticated attacks. This paper explores some of the existing architectures for big data intelligence analytics, and proposes an architecture that promises to provide greater security for data intensive environments. The architecture is designed to leverage the wealth in the multi-source information for security intelligence.