A Novel Intrusion Detection Mechanism for SCADA systems which Automatically Adapts to Network Topology Changes

Stewart, Barnaby; Rosa, Luís; Μαγλαράς, Λέανδρος; Cruz, Tiago; Ferrag, Mohamed Amine; Simões, Paulo; Janicke, Helge

doi:10.4108/eai.1-2-2017.152155

Cited by 23 publications

(13 citation statements)

References 28 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Using patterns of benign traffic or normal behavior or specific rules that describe a specific attack, IDSs can distinguish between normal and malicious actions [3]. According to [4], data mining which is used to describe knowledge discovery can help to implement and deploy IDSs with higher accuracy and robust behavior as compared to traditional IDSs that may not be as effective against modern sophisticated cyber attacks [5].…”

Section: Introductionmentioning

confidence: 99%

Deep learning for cyber security intrusion detection: Approaches, datasets, and comparative study

Ferrag

Μαγλαράς

Moschoyiannis

et al. 2020

Journal of Information Security and Applications

Self Cite

597

291

View full text Add to dashboard Cite

In this paper, we present a survey of deep learning approaches for cyber security intrusion detection, the datasets used, and a comparative study. Specifically, we provide a review of intrusion detection systems based on deep learning approaches. The dataset plays an important role in intrusion detection, therefore we describe 35 well-known cyber datasets and provide a classification of these datasets into seven categories; namely, network traffic-based dataset, electrical network-based dataset, internet traffic-based dataset, virtual private network-based dataset, android apps-based dataset, IoT traffic-based dataset, and internet-connected devices-based dataset. We analyze seven deep learning models including recurrent neural networks, deep neural networks, restricted Boltzmann machines, deep belief networks, convolutional neural networks, deep Boltzmann machines, and deep autoencoders. For each model, we study the performance in two categories of classification (binary and multiclass) under two new real traffic datasets, namely, the CSE-CIC-IDS2018 dataset and the Bot-IoT dataset. In addition, we use the most important performance indicators, namely, accuracy, false alarm rate, and detection rate for evaluating the efficiency of several methods.

show abstract

Section: Introductionmentioning

confidence: 99%

Deep learning for cyber security intrusion detection: Approaches, datasets, and comparative study

Ferrag

Μαγλαράς

Moschoyiannis

et al. 2020

Journal of Information Security and Applications

Self Cite

597

291

View full text Add to dashboard Cite

show abstract

“…It is pivotal to utilize a combination of programmed static testing, code audit, and dynamic testing along with applying secure coding techniques. If these measures are not deployed and run frequently along with other security measures like Intrusion Detection Systems [13] the attackers can take control of essential services and sensitive data.…”

Section: Discussion -Conclusionmentioning

confidence: 99%

A Tutorial on Cross Site Scripting Attack - Defense

Papaspirou¹,

Μαγλαράς²,

Ferrag³

2020

Preprint

Self Cite

View full text Add to dashboard Cite

The danger is still very large from cross site scripting attacks. When designing web applications We must follow as much as we can prevention rules and don’t leave any loophole to our programs. Experience is a great factor for programmers to know these attacks and for a trainee programmer is a difficult task to spot all the weak points. In this article we present a tutorial on launching an XSS attack and also we propose simple solutions.

show abstract

“…Further research has been developed to provide security for Smart Grid DNP3, through the identification of malicious activities in ICS of IoT based on Deep Learning, IDS for SCDA systems, and Neural Network-based IDS for critical infrastructure. These have shown tremendous results in the development of models for the detection of attacks on power systems [36,37,38,39,40,41].…”

Section: Related Workmentioning

confidence: 99%

Toward an Applied Cyber Security Solution in IoT-Based Smart Grids: An Intrusion Detection System Approach

Yin

Liu

Nkenyereye

et al. 2019

Sensors

View full text Add to dashboard Cite

We present an innovative approach for a Cybersecurity Solution based on the Intrusion Detection System to detect malicious activity targeting the Distributed Network Protocol (DNP3) layers in the Supervisory Control and Data Acquisition (SCADA) systems. As Information and Communication Technology is connected to the grid, it is subjected to both physical and cyber-attacks because of the interaction between industrial control systems and the outside Internet environment using IoT technology. Often, cyber-attacks lead to multiple risks that affect infrastructure and business continuity; furthermore, in some cases, human beings are also affected. Because of the traditional peculiarities of process systems, such as insecure real-time protocols, end-to-end general-purpose ICT security mechanisms are not able to fully secure communication in SCADA systems. In this paper, we present a novel method based on the DNP3 vulnerability assessment and attack model in different layers, with feature selection using Machine Learning from parsed DNP3 protocol with additional data including malware samples. Moreover, we developed a cyber-attack algorithm that included a classification and visualization process. Finally, the results of the experimental implementation show that our proposed Cybersecurity Solution based on IDS was able to detect attacks in real time in an IoT-based Smart Grid communication environment.

show abstract

A Novel Intrusion Detection Mechanism for SCADA systems which Automatically Adapts to Network Topology Changes

Cited by 23 publications

References 28 publications

Deep learning for cyber security intrusion detection: Approaches, datasets, and comparative study

Deep learning for cyber security intrusion detection: Approaches, datasets, and comparative study

A Tutorial on Cross Site Scripting Attack - Defense

Toward an Applied Cyber Security Solution in IoT-Based Smart Grids: An Intrusion Detection System Approach

Contact Info

Product

Resources

About