Combining ensemble methods and social network metrics for improving accuracy of OCSVM on intrusion detection in SCADA systems
Authors
Abstract
Modern Supervisory Control and Data Acquisition (SCADA) systems used by the electric utility industry to monitor and control electric power generation, transmission and distribution are recognized today as critical components of the electric power delivery infrastructure. SCADA systems are large, complex and incorporate increasing numbers of widely distributed components.
The presence of a real-time intrusion detection mechanism that can cope with different types of attacks is of great importance in order to defend a system against cyber attacks. This defense mechanism must be distributed, cheap and above all accurate, since false positive alarms, or mistakes regarding the origin of the intrusion, mean severe costs for the system.
Recently an integrated detection mechanism, namely IT-OCSVM, was proposed, which is distributed in a SCADA network as a part of a distributed intrusion detection system (DIDS), providing accurate data about the origin and the time of an intrusion. In this paper we also analyze the architecture of the integrated detection mechanism and we perform extensive simulations based on real cyber attacks in a small SCADA testbed in order to evaluate the performance of the proposed mechanism.
Keywords
OCSVM, Intrusion detection, SCADA systems; Social analysis
Journal
Elsevier Journal of Information Security and Applications, Antony TS Ho, May 2016
PDF File
DOI
Cited by
Year 2020 : 8 citations
Lu, Yutao; Wang, Juan; Liu, Miao; Zhang, Kaixuan; Gui, Guan; Ohtsuki, Tomoaki; et al. (2020): Semi-supervised Machine Learning Aided Anomaly Detection Method in Cellular Networks. TechRxiv. Preprint. https://doi.org/10.36227/techrxiv.11634720.v1
Chaithanya P.S., Priyanga S., Pravinraj S., Shankar Sriram V.S. (2020) SSO-IF: An Outlier Detection Approach for Intrusion Detection in SCADA Systems. In: Ranganathan G., Chen J., Rocha Á. (eds) Inventive Communication and Computational Technologies. Lecture Notes in Networks and Systems, vol 89. Springer, Singapore. DOI: 10.1007/978-981-15-0146-3_89.
Soumya Ray, Kamta Nath Mishra and Sandip Dutta, “Big Data Security Issues from the Perspective of IoT and Cloud Computing: A Review”, Recent Advances in Computer Science and Communications (2020) 13: 1. https://doi.org/10.2174/2666255813666200224092717
Abdullah Al-Noman Patwary, Anmin Fu, Ranesh Kumar Naha, Sudheer Kumar Battula, Saurabh Garg, Md Anwarul Kaium Patwary, Erfan Aghasian, "Authentication, Access Control, Privacy, Threats and Trust Management Towards Securing Fog Computing Environments: A Review", arXiv:2003.00395v1, March 2020
Shamshe Alam, Sanjay Kumar Sonbhadra, Sonali Agarwal, P. Nagabhushan, One-class support vector classifiers: A survey, Knowledge-Based Systems, Volume 196, 2020, ISSN 0950-7051, DOI: 10.1016/j.knosys.2020.105754.
Shamshe Alam, Sanjay Kumar Sonbhadra, Sonali Agarwal, P. Nagabhushan, M. Tanveer, Sample reduction using farthest boundary point estimation (FBPE) for support vector data description (SVDD), Pattern Recognition Letters, Volume 131, 2020, Pages 268-276, ISSN 0167-8655, March 2020. DOI: 10.1016/j.patrec.2020.01.004.
DongInn Kim, Vafa Andalibi, and L Jean Camp. Fingerprinting Edge and Cloud Services in IoT. In Systematic Approaches to Digital Forensic Engineering, City University of New York (CUNY), New York City, May 2020. URL: http://www.usablesecurity.net/projects/IoT/papers/Fingerprinting_IoT_Final.pdf
Jakapan Suaboot, Adil Fahad, Zahir Tari, John Grundy, Abdun Naser Mahmood, Abdulmohsen Almalawi, Albert Y. Zomaya, and Khalil Drira. 2020. A Taxonomy of Supervised Learning for IDSs in SCADA Environments. ACM Comput. Surv. 53, 2, Article 40 (April 2020), 37 pages. https://doi.org/10.1145/3379499
Year 2019 : 9 citations
A. Damien, M. Marcourt, V. Nicomette, E. Alata and M. Kaâniche, "Implementation of a Host-Based Intrusion Detection System for Avionic Applications," 2019 IEEE 24th Pacific Rim International Symposium on Dependable Computing (PRDC), Kyoto, Japan, 2019, pp. 178-17809. DOI: 10.1109/PRDC47002.2019.00048
R. Zhang and H. Chen, "Intrusion Detection of Industrial Control System Based on Stacked Auto-Encoder," 2019 Chinese Automation Congress (CAC), Hangzhou, China, 2019, pp. 5638-5643. DOI: 10.1109/CAC48633.2019.8997243
Khan, Ahsan Al Zaki & Serpen, Gursel. (2019). Misuse Intrusion Detection Using Machine Learning for Gas Pipeline SCADA Networks, in Proc. of International Conf. Security and Management, SAM'19, Las Vegas (USA), 2019. ISBN: 1-60132-509-6, CSREA Press. Available at: https://csce.ucmss.com/cr/books/2019/LFS/CSREA2019/SAM9718.pdf
Theekshana Dissanayake, Yasitha Rajapaksha, Roshan Ragel, Isuru Nawinne, (2019). An Ensemble Learning Approach for Electrocardiogram Sensor Based Human Emotion Recognition. Sensors. 19. 4495. DOI: 10.3390/s19204495.
Bodunde O Akinyemi, Johnson B Adekunle, Temitope A Aladesanmi, Adesola G Aderounmu, Beman H Kamagate, An Improved Anomalous Intrusion Detection Model, in FUOYE Journal of Engineering and Technology, Vol 4, no 2, 2019. Available at: http://engineering.fuoye.edu.ng/journal/index.php/engineer/article/view/418
Kensuke TAMURA, Kanta MATSUURA, Improvement of Anomaly Detection Performance Using Packet Flow Regularity in Industrial Control Networks, IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences, 2019, Volume E102.A, Issue 1, Pages 65-73, Released January 01, 2019, Online ISSN 1745-1337, Print ISSN 0916-8508, https://doi.org/10.1587/transfun.E102.A.65
Fatima-Zahra Benjelloun, Ayoub Ait Lahcen, and Samir Belfkih, "Outlier detection techniques for big data streams: focus on cyber security", in International Journal of Internet Technology and Secured Transactions 2019 9:4, 446-474, 2019. DOI: 10.1504/IJITST.2019.102799
Aya Ayadi, Oussama Ghorbel, M.S. BenSalah, Mohamed Abid, Kernelized technique for outliers detection to monitoring water pipeline based on WSNs, Elsevier Computer Networks, Volume 150, 2019, Pages 179-189, ISSN 1389-1286, DOI: 10.1016/j.comnet.2019.01.004
Nageswaran, Neha & Suresh, Seshan & Priyanga, S & Sriram, V.S. Shankar. (2019). SCO-RNN: A Behavioral based Intrusion Detection approach for Cyber Physical Attacks in SCADA System, in Proc of International Conference on Inventive Communication and Computational Technologies.
Year 2018 : 8 citations
Subramaniyam Kannan, "Mitigating Multi-Stage Attacks in Software Defined Network-Based Distributed Systems", MSc Thesis, Purdue University. Available at: https://docs.lib.purdue.edu/dissertations/AAI10838651/
Yafang Yang, Bin Guo, Zhu Wang, Mingyang Li, Zhiwen Yu, Xingshe Zhou, "BehaveSense: Continuous Authentication for Security-Sensitive Mobile Apps using Behavioral Biometrics", Elsevier Ad Hoc Networks, 2018, ISSN 1570-8705, https://doi.org/10.1016/j.adhoc.2018.09.015. (http://www.sciencedirect.com/science/article/pii/S1570870518306899)
F. Schuster, F. M. Kopp, A. Paul and H. König, "Attack and Fault Detection in Process Control Communication Using Unsupervised Machine Learning," 2018 IEEE 16th International Conference on Industrial Informatics (INDIN), Porto, Portugal, July 2018, pp. 433-438. doi: 10.1109/INDIN.2018.8472054
F. Schuster, A. Paul, F. M. Kopp and H. König, "Catching Intrusions: Classifier Performances for Detecting Network-specific Anomalies in Energy Systems," 2018 International Conference on Smart Energy Systems and Technologies (SEST), Sevilla, Spain, Sep 2018, pp. 1-6. doi: 10.1109/SEST.2018.8495702
Oyeniyi Akeem Alimi, Khmaies Ouahada, Security Assessment of the Smart Grid: A Review focusing on the NAN Architecture. In Proc. of Conference: 2018 IEEE 7th International Conference on Adaptive Science & Technology (ICAST), August 2018. DOI: 10.1109/ICASTECH.2018.8506847.
Paramkusem, Krishna Madhuri and Aygun, Ramazan S., "Classifying Categories of SCADA Attacks in a Big Data Framework", Annals of Data Science, January 2018. DOI: 10.1007/s40745-018-0141-8
Mehrdad, S., Mousavian, S., Madraki, G. et al., "Cyber-Physical Resilience of Electrical Power Systems Against Malicious Attacks: a Review", in Springer Current Sustainable Renewable Energy Reports (2018). https://doi.org/10.1007/s40518-018-0094-8
Li Ting ; Hong Zhennan ; Liu Zhiyong ; Xiao Tizheng, Intrusion Detection of Industrial Control System Based on Incremental Single Class Support Vector Machine, Information and Control, China Automation Society, issue 6, December 2018. DOI:10.13976/j.cnki.xk.2018.7431
Year 2017 : 7 citations
TRI SI DOAN, "ENSEMBLE LEARNING FOR MULTIPLE DATA MINING PROBLEMS", Ph.D Thesis, Department of Computer Science, University of Colorado Colorado Springs, Advisor: Professor, Chair Jugal Kalita. URL: https://dspace.library.colostate.edu/bitstream/handle/10976/166686/Doan_uccs_0892D_10279.pdf?sequence=1&isAllowed=
Moustafa, Nour. (2017). Designing an online and reliable statistical anomaly detection framework for dealing with large high-speed network traffic, PhD Thesis, October 2017.
Kannan, Subramaniyam, Paul Wood, Larry Deatrick, Patricia Beane, Somali Chaterji, and Saurabh Bagchi. "MAAT: Multi-Stage Attack Attribution in Enterprise Systems using Software Defined Networks.", EAI Endorsed Transactions on Security and Safety, 2018. Available at: https://engineering.purdue.edu/dcsl/publications/papers/2017/final_maat_transactions18-security-n-safety.pdf
Shang Wenli, An Panfeng, Wan Ming, Zhao Jianming, Zeng Peng, "Research and development overview of intrusion detection technology in industrial control system", Journal of Application Research of Computers, Vol 34 (2), ISSN: 1001-3695, pp: 328-333, 342, 2017. Available at: http://ir.sia.cn/handle/173321/19380. DOI: 10.3969/j.issn.1001-3695.2017.02.002.
Ahmad, Rami Haidar and Al-Sakib Khan Pathan. "A Study on M2M (Machine to Machine) System and Communication: Its Security, Threats, and Intrusion Detection System." The Internet of Things: Breakthroughs in Research and Practice. IGI Global, 2017. 205-240. Web. 17 Aug. 2017. doi:10.4018/978-1-5225-1832-7.ch010
Q. Niyaz, W. Sun, A. Javaid, "A Deep Learning Based DDoS Detection System in Software-Defined Networking (SDN)", EAI Endorsed Transactions on Security and Safety 17(12): e2, published on 28 Dec 2017. DOI: 10.4108/eai.28-12-2017.153515
Lamba, Anil & Singh, Satinderjeet & Singh, Balvinder & Dutta, Natasha & Sai, Sivakumar & Muni, Rela. (2017). MITIGATING CYBER SECURITY THREATS OF INDUSTRIAL CONTROL SYSTEMS (SCADA & DCS), International Journal For Technological Research In Engineering, Proc. of 3rd International Conference on Emerging Technologies in Engineering, Biomedical, Medical and Science(ETEBMS), July 2017. Available at: https://www.ijtre.com/images/scripts/16214.pdf
Year 2016 : 1 citations
S. Lee, H. Yoo, J. Seo and T. Shon, "Packet Diversity-Based Anomaly Detection System with OCSVM and Representative Model," 2016 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData), Chengdu, 2016, pp. 498-503. doi: 10.1109/iThings-GreenCom-CPSCom-SmartData.2016.116