Published in: Annals of Data Science 3/2018

15.01.2018

Classifying Categories of SCADA Attacks in a Big Data Framework

Authors: Krishna Madhuri Paramkusem, Ramazan S. Aygun


Abstract

Supervisory control and data acquisition (SCADA) systems monitor and control industrial control systems in many industrial and economic sectors such as water treatment, power plants, railroads, and gas pipelines. The integration of SCADA systems with the internet and corporate enterprise networks for various economic reasons exposes SCADA systems to attacks by hackers who could remotely exploit and gain access to SCADA systems to damage the infrastructure and thereby harm people’s lives. The simplicity of datasets and possible overfitting of models to training data are some of the issues in previous research. In this paper, we present an approach to detecting and classifying malicious command and response packets in a SCADA network by analyzing attribute differences and the history of packets using k-means clustering. This study presents a solution to detect and classify SCADA cyber attacks with high accuracy using a big data framework that comprises Apache Hadoop and Apache Mahout. Apache Mahout’s random forest classification algorithm is applied to SCADA’s gas pipeline dataset to categorize attacks. When 70% of the data is used for training the classifier, our approach results in a 5–17% improvement in accuracy for the classification of read response attacks and a 2–8% improvement in accuracy for write command attacks with respect to using the original dataset.
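The feature-construction step the abstract describes (attribute differences and packet history, grouped with k-means) can be illustrated with the following added example. It is not code from the paper and does not use the paper's dataset, Hadoop or Mahout: the packet fields (`setpoint`, `pressure`), their values, the window length `H`, and the feature definitions (absolute difference from the previous packet and absolute deviation from the median of the previous `H` packets) are all constructed assumptions, and the smaller of the two k-means clusters is taken to be the anomalous one.

```python
"""Attribute-difference and packet-history features for SCADA response
packets, grouped with k-means.  Added example, not the paper's code: the
packet fields, values, window length and feature definitions are all
constructed assumptions."""
from math import sqrt
from statistics import median

H = 8                              # assumed history window, in packets
ATTRS = ("setpoint", "pressure")   # assumed numeric packet attributes

# Constructed trace of gas-pipeline-style response packets: the measured
# pressure hovers around the 20.0 setpoint, except for two injected
# responses (indices 10 and 11) that report an implausible 45.0.
_PRESSURES = [20.0, 20.1, 19.9, 20.2, 20.0, 19.8, 20.1, 20.0, 20.2, 19.9,
              45.0, 45.1,
              20.0, 20.1, 19.9, 20.0, 20.2, 20.0]
PACKETS = [{"seq": i, "direction": "response", "setpoint": 20.0, "pressure": p}
           for i, p in enumerate(_PRESSURES)]
INJECTED = [10, 11]   # ground truth for the constructed trace


def features(packets, attrs=ATTRS, history=H):
    """Per packet, for each attribute: |difference from the previous packet|
    and |deviation from the median of the previous `history` packets|.
    The median keeps a short burst of bad values from dragging the
    history baseline along with it."""
    feats = []
    for i, p in enumerate(packets):
        row = []
        for a in attrs:
            prev = packets[i - 1][a] if i else p[a]
            window = [q[a] for q in packets[max(0, i - history):i]] or [p[a]]
            row.append(abs(p[a] - prev))
            row.append(abs(p[a] - median(window)))
        feats.append(tuple(row))
    return feats


def _dist(a, b):
    return sqrt(sum((x - y) ** 2 for x, y in zip(a, b)))


def kmeans(points, k=2, max_iter=100):
    """Lloyd's k-means with deterministic seeding (first point, then the
    point farthest from the seeds chosen so far) so runs are repeatable."""
    centroids = [points[0]]
    while len(centroids) < k:
        centroids.append(max(points, key=lambda p: min(_dist(p, c) for c in centroids)))
    labels = [0] * len(points)
    for _ in range(max_iter):
        new = [min(range(k), key=lambda j: _dist(p, centroids[j])) for p in points]
        if new == labels:
            break
        labels = new
        for j in range(k):
            members = [p for p, lbl in zip(points, labels) if lbl == j]
            if members:
                centroids[j] = tuple(sum(col) / len(members) for col in zip(*members))
    return labels, centroids


def flag_anomalies(packets):
    """Indices of packets in the smaller of two clusters (assumed anomalous)."""
    labels, _ = kmeans(features(packets), k=2)
    minority = min(set(labels), key=labels.count)
    return [i for i, lbl in enumerate(labels) if lbl == minority]


if __name__ == "__main__":
    for i, f in enumerate(features(PACKETS)):
        print(i, PACKETS[i]["pressure"], tuple(round(x, 2) for x in f))
    print("flagged:", flag_anomalies(PACKETS), "injected:", INJECTED)
```

On this trace the minority cluster contains packets 10, 11 and 12: the two injected responses, plus the first normal response after them, because the return to the true pressure is itself a large attribute difference. The history feature stays near zero for packet 12 while it is large for 10 and 11, which is exactly the kind of distinction a supervised stage (the paper's random forest) can learn on top of the clustering output.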


Metadata
Title
Classifying Categories of SCADA Attacks in a Big Data Framework
Authors
Krishna Madhuri Paramkusem
Ramazan S. Aygun
Publication date
15.01.2018
Publisher
Springer Berlin Heidelberg
Published in
Annals of Data Science / Issue 3/2018
Print ISSN: 2198-5804
Electronic ISSN: 2198-5812
DOI
https://doi.org/10.1007/s40745-018-0141-8
