SCADA Networks Anomaly-based Intrusion Detection System

Title: SCADA Networks Anomaly-based Intrusion Detection System
Publication Type: Conference Paper
Year of Publication: 2018
Authors: Almehmadi, Abdulaziz
Conference Name: Proceedings of the 11th International Conference on Security of Information and Networks
Publisher: ACM
Conference Location: New York, NY, USA
ISBN Number: 978-1-4503-6608-3
Keywords: anomaly-based intrusion detection system, composability, Human Behavior, pubcrawl, Resiliency, SCADA, SCADA Systems Security
Abstract: Intentional attacks that cause country-wide blackouts, gas and water systems malfunction are actions that can be carried out by a nation to impact on another nation in a mean of war. Supervisory control and data acquisition (SCADA) networks that allow for communication for the utilities companies were designed with no security in mind causing the systems that a nation relies on to fall vulnerable to exploitation. Since SCADA networks are static in nature with pre-defined signatures of network traffic, we propose to design an anomaly-based intrusion detection system to detect abnormality in SCADA network traffic and protocols. We gather normal SCADA network traffic via tapping on the network for 30 days and then attack the network using Denial of Service (DoS) attack, message spoofing attack and man-in-the-middle attack. We then train a classifier with two classes, normal and abnormal and report the classifier accuracy in detecting abnormal SCADA network traffic.
URL: http://doi.acm.org/10.1145/3264437.3264471
DOI: 10.1145/3264437.3264471
Citation Key: almehmadi_scada_2018