A hybrid model for anomaly-based intrusion detection in SCADA networks

Title: A hybrid model for anomaly-based intrusion detection in SCADA networks
Publication Type: Conference Paper
Year of Publication: 2017
Authors: Ullah, I., Mahmoud, Q. H.
Conference Name: 2017 IEEE International Conference on Big Data (Big Data)
Date Published: dec
ISBN Number: 978-1-5386-2715-0
Keywords: anomaly-based Intrusion Detection Systems, compositionality, Computational modeling, cybersecurity, Distributed Analytics and Security Institute Mississippi State University Starkville, fabrication, feature extraction, feature selection, feature selection model, Human Behavior, industrial control, industrial control system, industrial control system dataset, Intrusion detection, learning (artificial intelligence), machine learning, machine learning approach, Metrics, Protocols, pubcrawl, Resiliency, robust hybrid model, SCADA networks, SCADA systems, security of data, supervisory control and data acquisition systems, vulnerabilities, vulnerability detection, Zero-day attacks
Abstract

The increase in the complexity and interconnectivity of Supervisory Control and Data Acquisition (SCADA) systems in recent years has exposed SCADA networks to numerous potential vulnerabilities. Several studies have shown that anomaly-based Intrusion Detection Systems (IDS) achieve improved performance in identifying unknown or zero-day attacks. In this paper, we propose a hybrid model for anomaly-based intrusion detection in SCADA networks using a machine learning approach. In the first part, we present a robust hybrid model for anomaly-based intrusion detection in SCADA networks. Finally, we present a feature selection model for anomaly-based intrusion detection in SCADA networks by removing redundant and irrelevant features. Irrelevant features in the dataset can affect modeling power and reduce predictive accuracy. These models were evaluated using an industrial control system dataset developed at the Distributed Analytics and Security Institute, Mississippi State University, Starkville, MS, USA. The experimental results show that our proposed model has a key effect in reducing the time and computational complexity and achieved improved accuracy and detection rate. The accuracy of our proposed model was measured as 99.5 % for specific-attack-labeled.

URL: https://ieeexplore.ieee.org/document/8258164/
DOI: 10.1109/BigData.2017.8258164
Citation Key: ullah_hybrid_2017