Most critical infrastructure such as chemical processing plants, electrical generation and distribution networks, and gas distribution is monitored and controlled by Supervisory Control and Data Acquisition Systems (SCADA). These systems have been the focus of increased security and there are concerns that they could be the target of international terrorists. With the constantly growing number of internet related computer attacks, there is evidence that our critical infrastructure may also be vulnerable. Researchers estimate that malicious online actions may cause $75 billion at 2007. One of the interesting countermeasures for enhancing information system security is called intrusion detection. This paper will briefly discuss the history of research in intrusion detection techniques and introduce the two basic detection approaches: signature detection and anomaly detection. Finally, it presents the application of techniques developed for monitoring critical process systems, such as nuclear power plants, to anomaly intrusion detection. The method uses an autoassociative kernel regression (AAKR) model coupled with the statistical probability ratio test (SPRT) and applied to a simulated SCADA system. The results show that these methods can be generally used to detect a variety of common attacks.
[1]
J. Andel.
Sequential Analysis
,
2022,
The SAGE Encyclopedia of Research Design.
[2]
Dorothy E. Denning,et al.
An Intrusion-Detection Model
,
1987,
IEEE Transactions on Software Engineering.
[3]
Anita K. Jones,et al.
Computer System Intrusion Detection: A Survey
,
2000
.
[4]
J. Wesley Hines,et al.
Development and Application of Fault Detectability Performance Metrics for Instrument Calibration Verification and Anomaly Detection
,
2006
.
[5]
Kenny C. Gross,et al.
Proactive Fault Monitoring in Enterprise Servers
,
2005,
CDES.
[6]
Todd L. Heberlein,et al.
Network intrusion detection
,
1994,
IEEE Network.