An enhanced optimization based algorithm for intrusion detection in SCADA network

Abstract: Supervisory Control and Data Acquisition (SCADA) systems are widely used in many applications, including power transmission and distribution, for situational awareness and control. Identifying and detecting intrusions in a SCADA network is a critical and demanding task. Various Intrusion Detection Systems (IDSs) have been developed for this purpose in existing work, but they have drawbacks: they have high false positive and false negative rates, they cannot detect encrypted data, and they support detection of external intrusions only. To overcome these issues, this paper proposes two techniques: Intrusion Weighted Particle based Cuckoo Search Optimization (IWP-CSO) and a Hierarchical Neuron Architecture based Neural Network (HNA-NN). The main intention of the paper is to detect and classify intrusions in a SCADA network based on optimization. First, the network dataset is given as input, the attributes are arranged, and the clusters are initialized. Then, the features are optimized with the proposed IWP-CSO algorithm to select the best attributes. Finally, the intrusions in the network are classified with the proposed HNA-NN algorithm. The experimental results evaluate the performance of the proposed system in terms of sensitivity, specificity, precision, recall, accuracy, Jaccard, Dice and false detection rate.
