A hybrid model for anomaly-based intrusion detection in SCADA networks
Title | A hybrid model for anomaly-based intrusion detection in SCADA networks |
Publication Type | Conference Paper |
Year of Publication | 2017 |
Authors | Ullah, I., Mahmoud, Q. H. |
Conference Name | 2017 IEEE International Conference on Big Data (Big Data) |
Date Published | December |
ISBN Number | 978-1-5386-2715-0 |
Keywords | anomaly-based Intrusion Detection Systems, compositionality, Computational modeling, cybersecurity, Distributed Analytics and Security Institute Mississippi State University Starkville, fabrication, feature extraction, feature selection, feature selection model, Human Behavior, industrial control, industrial control system, industrial control system dataset, Intrusion detection, learning (artificial intelligence), machine learning, machine learning approach, Metrics, Protocols, pubcrawl, Resiliency, robust hybrid model, SCADA networks, SCADA systems, security of data, supervisory control and data acquisition systems, vulnerabilities, vulnerability detection, Zero-day attacks |
Abstract | Supervisory Control and Data Acquisition (SCADA) systems' complexity and interconnectivity increase in recent years have exposed the SCADA networks to numerous potential vulnerabilities. Several studies have shown that anomaly-based Intrusion Detection Systems (IDS) achieve improved performance to identify unknown or zero-day attacks. In this paper, we propose a hybrid model for anomaly-based intrusion detection in SCADA networks using a machine learning approach. In the first part, we present a robust hybrid model for anomaly-based intrusion detection in SCADA networks. Finally, we present a feature selection model for anomaly-based intrusion detection in SCADA networks by removing redundant and irrelevant features. Irrelevant features in the dataset can affect modeling power and reduce predictive accuracy. These models were evaluated using an industrial control system dataset developed at the Distributed Analytics and Security Institute Mississippi State University Starkville, MS, USA. The experimental results show that our proposed model has a key effect in reducing the time and computational complexity and achieved improved accuracy and detection rate. The accuracy of our proposed model was measured as 99.5% for specific-attack-labeled. |
URL | https://ieeexplore.ieee.org/document/8258164/ |
DOI | 10.1109/BigData.2017.8258164 |
Citation Key | ullah_hybrid_2017 |