A Semi-Supervised Approach for Detection of SCADA Attacks in Gas Pipeline Control Systems

The imperative role played by Supervisory Control And Data Acquisition (SCADA) systems in providing a centralized control for modern infrastructure have made them into one of the most desired targets for malicious attackers owing to its rapid evolution as well as widespread adoption of these systems. To counter these attacks, it is necessary that more robust approaches be adopted. The advent of Machine Learning has shown great potential for its usage along with existing Intrusion Detection Systems (IDS). This paper presents a novel approach to detect malicious behaviour in SCADA data used to control gas pipeline system. As most of the data available in this industry are unsupervised, this paper uses an approach that makes use of a Semi-Supervised Deep Learning architecture- Autoencoder, that is believed to be most suited for this type of tasks. The effectiveness of this deep learning network is due to the fact that it reconstructs the input as the output and in the training process learns only the most important features of normal observations that are representative of the input data; thus malicious data is easily detected due to a high reconstruction error. The proposed algorithm is validated on gas pipeline control system dataset and found to give excellent results in detection.

[1]  B Eswara Reddy,et al.  Semi-supervised learning: a brief review , 2018 .

[2]  Zahir Tari,et al.  An Efficient Data-Driven Clustering Technique to Detect Attacks in SCADA Systems , 2016, IEEE Transactions on Information Forensics and Security.

[3]  Thomas G. Habetler,et al.  Machine Learning and Deep Learning Algorithms for Bearing Fault Diagnostics - A Comprehensive Review , 2019, ArXiv.

[4]  Lingfeng Wang,et al.  Power System Reliability Evaluation With SCADA Cybersecurity Considerations , 2015, IEEE Transactions on Smart Grid.

[5]  Hongwei Liu,et al.  SAR Automatic Target Recognition Based on Euclidean Distance Restricted Autoencoder , 2017, IEEE Journal of Selected Topics in Applied Earth Observations and Remote Sensing.

[6]  Il Dong Yun,et al.  Residual Error Based Anomaly Detection Using Auto-Encoder in SMD Machine Sound , 2018, Sensors.

[7]  Andrés Felipe Sánchez Prisco,et al.  Intrusion detection system for SCADA platforms through machine learning algorithms , 2017, 2017 IEEE Colombian Conference on Communications and Computing (COLCOM).

[8]  Mohit Agarwal,et al.  Profit or Loss: A Long Short Term Memory based model for the Prediction of share price of DLF group in India , 2019, 2019 IEEE 9th International Conference on Advanced Computing (IACC).

[9]  Thomas Morris,et al.  A testbed for SCADA control system cybersecurity research and pedagogy , 2011, CSIIRW '11.

[10]  Lingfeng Wang,et al.  Power System Reliability Assessment Incorporating Cyber Attacks Against Wind Farm Energy Management Systems , 2017, IEEE Transactions on Smart Grid.

[11]  Guifang Liu,et al.  A Stacked Autoencoder-Based Deep Neural Network for Achieving Gearbox Fault Diagnosis , 2018, Mathematical Problems in Engineering.

[12]  Jianhui Wang,et al.  Probabilistic Deep Autoencoder for Power System Measurement Outlier Detection and Reconstruction , 2020, IEEE Transactions on Smart Grid.

[13]  Vern Paxson,et al.  Outside the Closed World: On Using Machine Learning for Network Intrusion Detection , 2010, 2010 IEEE Symposium on Security and Privacy.

[14]  Liang Cheng,et al.  Deep-Learning-Based Network Intrusion Detection for SCADA Systems , 2019, 2019 IEEE Conference on Communications and Network Security (CNS).

[15]  S. L. P. Yasakethu,et al.  Intrusion Detection via Machine Learning for SCADA System Protection , 2013, ICS-CSR.

[16]  Christin Schäfer,et al.  Learning Intrusion Detection: Supervised or Unsupervised? , 2005, ICIAP.

[17]  Jin Wei,et al.  Real-Time Detection of False Data Injection Attacks in Smart Grid: A Deep Learning-Based Intelligent Mechanism , 2017, IEEE Transactions on Smart Grid.

[18]  Dechang Pi,et al.  HML-IDS: A Hybrid-Multilevel Anomaly Prediction Approach for Intrusion Detection in SCADA Systems , 2019, IEEE Access.

[19]  Junaid Qadir,et al.  Unsupervised Machine Learning for Networking: Techniques, Applications and Research Challenges , 2017, IEEE Access.

[20]  Holger H. Hoos,et al.  A survey on semi-supervised learning , 2019, Machine Learning.

[21]  Damodar Reddy Edla,et al.  Type 2 diabetes data classification using stacked autoencoders in deep neural networks , 2019, Clinical Epidemiology and Global Health.

[22]  Lav Gupta,et al.  Machine Learning-Based Network Vulnerability Analysis of Industrial Internet of Things , 2019, IEEE Internet of Things Journal.

[23]  Thomas H. Morris,et al.  Machine learning for power system disturbance and cyber-attack discrimination , 2014, 2014 7th International Symposium on Resilient Control Systems (ISRCS).

[24]  Mark A. Buckner,et al.  An Evaluation of Machine Learning Methods to Detect Malicious SCADA Communications , 2013, 2013 12th International Conference on Machine Learning and Applications.

[25]  Paul Honeine,et al.  ${l_p}$-norms in One-Class Classification for Intrusion Detection in SCADA Systems , 2014, IEEE Transactions on Industrial Informatics.

[26]  Luca Benini,et al.  Anomaly Detection using Autoencoders in High Performance Computing Systems , 2018, DDC@AI*IA.

[27]  Mohit Agarwal,et al.  A Convolution Neural Network based approach to detect the disease in Corn Crop , 2019, 2019 IEEE 9th International Conference on Advanced Computing (IACC).

[28]  Justin M. Beaver,et al.  Nonparametric semi-supervised learning for network intrusion detection: combining performance improvements with realistic in-situ training , 2012, AISec.

[29]  Mohammed Samaka,et al.  SCADA System Testbed for Cybersecurity Research Using Machine Learning Approach , 2018, Future Internet.

[30]  Van Long Do Statistical detection and isolation of cyber-physical attacks on SCADA systems , 2017, IECON 2017 - 43rd Annual Conference of the IEEE Industrial Electronics Society.