Novel Intrusion Detection Mechanism with Low Overhead for SCADA Systems. Maglaras, L., Janicke, H., Jiang, J., & Crampton, A. In Ferrag, M. A. & Ahmim, A., editors, Security Solutions and Applied Cryptography in Smart Grid Communications, pages 160--178. IGI Global, Hershey, PA 17033, USA, November, 2016.
Novel Intrusion Detection Mechanism with Low Overhead for SCADA Systems [link]Paper  doi  abstract   bibtex   
SCADA (Supervisory Control and Data Acquisition) systems are a critical part of modern national critical infrastructure (CI) systems. Due to the rapid increase of sophisticated cyber threats with exponentially destructive effects, intrusion detection systems (IDS) must systematically evolve. Specific intrusion detection systems that reassure both high accuracy, low rate of false alarms and decreased overhead on the network traffic must be designed for SCADA systems. In this book chapter we present a novel IDS, namely K-OCSVM, that combines both the capability of detecting novel attacks with high accuracy, due to its core One-Class Support Vector Machine (OCSVM) classification mechanism and the ability to effectively distinguish real alarms from possible attacks under different circumstances, due to its internal recursive k-means clustering algorithm. The effectiveness of the proposed method is evaluated through extensive simulations that are conducted using realistic datasets extracted from small and medium sized HTB SCADA testbeds.
@incollection{hud30578,
           month = {November},
          author = {Leandros Maglaras and Helge Janicke and Jianmin Jiang and Andrew Crampton},
       booktitle = {Security Solutions and Applied Cryptography in Smart Grid Communications},
          editor = {Mohamed Amine Ferrag and Ahmed Ahmim},
         address = {Hershey, PA 17033, USA},
           title = {Novel Intrusion Detection Mechanism with Low Overhead for SCADA Systems},
       publisher = {IGI Global},
             doi = {10.4018/978-1-5225-1829-7.ch009},
            year = {2016},
           pages = {160--178},
             url = {http://eprints.hud.ac.uk/30578/},
        abstract = {SCADA (Supervisory Control and Data Acquisition) systems are a critical part of modern national critical infrastructure (CI) systems. Due to the rapid increase of sophisticated cyber threats with exponentially destructive effects, intrusion detection systems (IDS) must systematically evolve. Specific intrusion detection systems that reassure both high accuracy, low rate of false alarms and decreased overhead on the network traffic must be designed for SCADA systems. In this book chapter we present a novel IDS, namely K-OCSVM, that combines both the capability of detecting novel attacks with high accuracy, due to its core One-Class Support Vector Machine (OCSVM) classification mechanism and the ability to effectively distinguish real alarms from possible attacks under different circumstances, due to its internal recursive k-means clustering algorithm. The effectiveness of the proposed method is evaluated through extensive simulations that are conducted using realistic datasets extracted from small and medium sized HTB SCADA testbeds.}
}
Downloads: 0