Visible to the public Intrusion Detection Model of SCADA Using Graphical Features

TitleIntrusion Detection Model of SCADA Using Graphical Features
Publication TypeConference Paper
Year of Publication2018
AuthorsWang, Dinghua, Feng, Dongqin
Conference Name2018 IEEE 3rd Advanced Information Technology, Electronic and Automation Control Conference (IAEAC)
Keywordsclassification model, command injection, command injection attacks, composability, data set, data visualisation, denial of service, feature extraction, graphic area features, graphical features, iec 60870-5-104, industrial control, industrial control systems, information scanning, Intrusion detection, intrusion detection experiment environment, intrusion detection model, Intrusion Detection System (IDS), Law, Mathematical model, message transmission, Metrics, pattern classification, Power systems, production engineering computing, Protocols, pubcrawl, Resiliency, response injection, SCADA, SCADA systems, security of data, supervisory control and data acquisition (SCADA), supervisory control and data acquisition system, time series, time series features
AbstractSupervisory control and data acquisition system is an important part of the country's critical infrastructure, but its inherent network characteristics are vulnerable to attack by intruders. The vulnerability of supervisory control and data acquisition system was analyzed, combining common attacks such as information scanning, response injection, command injection and denial of service in industrial control systems, and proposed an intrusion detection model based on graphical features. The time series of message transmission were visualized, extracting the vertex coordinates and various graphic area features to constitute a new data set, and obtained classification model of intrusion detection through training. An intrusion detection experiment environment was built using tools such as MATLAB and power protocol testers. IEC 60870-5-104 protocol which is widely used in power systems had been taken as an example. The results of tests have good effectiveness.
DOI10.1109/IAEAC.2018.8577543
Citation Keywang_intrusion_2018