Privacy preservation intrusion detection technique for SCADA systems

Supervisory Control and Data Acquisition (SCADA) systems lack a protection technique that can withstand different types of intrusions and protect data from disclosure while that data is handled by other applications, specifically an Intrusion Detection System (IDS). SCADA systems can manage the critical infrastructure of industrial control environments. Protecting sensitive information is difficult to achieve in practice when physical and digital systems are connected. Hence, privacy preservation techniques have become an effective way to protect sensitive/private information and to detect malicious activities, but they are not accurate in terms of error detection and sensitivity percentage of data disclosure. In this paper, we propose a new Privacy Preservation Intrusion Detection (PPID) technique based on the correlation coefficient and Expectation Maximisation (EM) clustering mechanisms for selecting important portions of data and recognizing intrusive events. This technique is evaluated on the power system datasets for multiclass attacks to measure its reliability for detecting suspicious activities. In the experimental results, the proposed technique outperforms three techniques in the above terms, showing its efficiency and effectiveness for use in current SCADA systems.
