Combining ensemble methods and social network metrics for improving accuracy of OCSVM on intrusion detection in SCADA systems

Date

2016-04

Publisher

Elsevier

Type

Article

Peer reviewed

Yes

Abstract

Modern Supervisory Control and Data Acquisition (SCADA) systems used by the electric utility industry to monitor and control electric power generation, transmission and distribution are recognized today as critical components of the electric power delivery infrastructure. SCADA systems are large, complex and incorporate increasing numbers of widely distributed components. The presence of a real time intrusion detection mechanism, which can cope with different types of attacks, is of great importance, in order to defend a system against cyber attacks. This defense mechanism must be distributed, cheap and above all accurate, since false positive alarms, or mistakes regarding the origin of the intrusion mean severe costs for the system. Recently an integrated detection mechanism, namely IT-OCSVM, was proposed, which is distributed in a SCADA network as a part of a distributed intrusion detection system (IDS), providing accurate data about the origin and the time of an intrusion. In this paper we also analyze the architecture of the integrated detection mechanism and we perform extensive simulations based on real cyber attacks in a small SCADA testbed in order to evaluate the performance of the proposed mechanism.

Keywords

OCSVM, Intrusion detection, SCADA systems, Social analysis

Citation

Maglaras, L., Jiang, J. and Cruz, T.J. (2016) Combining ensemble methods and social network metrics for improving accuracy of OCSVM on intrusion detection in SCADA systems. Journal of Information Security and Applications, 30, pp. 15-26
