Forget the Myth of the Air Gap: Machine Learning for Reliable Intrusion Detection in SCADA Systems

Pérez, Rocío López; Adamsky, Florian; Soua, Ridha; Engel, Thomas

doi:10.4108/eai.25-1-2019.159348

Cited by 13 publications

(2 citation statements)

References 30 publications

(30 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The results revealed that the proposed model has the capacity to improve accuracy and recall and reduce false positive rate (FPR) while achieving the highest detection rates for unknown attacks. With F-1 values of 99% and 96% for Random Forest (RF) and Bidirectional Long Short-Term Memory (BLSTM), [18] concluded that RF and BLSTM successfully identify intrusions on SCADA systems. The study also suggests that standard intrusion detection systems cannot detect assaults that are not currently in their databases.…”

Section: Related Workmentioning

confidence: 99%

LoGD-ai: An Efficient Network Intrusion Detection System Using a Soft Voting-Based Ensemble Learner

Agyapong,

Boateng,

Prempeh

et al. 2023

Preprint

View full text Add to dashboard Cite

Network attacks detection is still a difficult task because of the large data volumes needed for training a cutting-edge machine learning algorithms to unearth network invasions. Recently, a number of data mining methods have been put out for network intrusion detection. Meanwhile, each of them encounters certain difficulties resulting from the sophisticated nature of threats the existing models cannot detect. The NSL-KDD dataset containing four different form of attacks was employed in this paper. In this paper, we demonstrate the efficiency of LoGD-ai, a soft voting-based ensemble learner as network intrusion detection system to classify network data to normal and malicious. This soft-voting based ensemble classifier employs logistic regression, gradient boosting and decision tree algorithms for intrusion detection. Finally, the performance of the LoGD-ai classifier is compared to the popular gradient boosting machine (GBM), random forests (RF), and AdaBoost. Scoring 98.05% on accuracy, the LoGD-ai classifier performs better than GBM, RF and AdaBoost classifiers, efficiently detecting and classifying network traffic as normal or malicious. Compared to gradient boosting, our proposed methodology increases accuracy by 0.52%, which is critical for network intrusion detection.

show abstract

Section: Related Workmentioning

confidence: 99%

LoGD-ai: An Efficient Network Intrusion Detection System Using a Soft Voting-Based Ensemble Learner

Agyapong,

Boateng,

Prempeh

et al. 2023

Preprint

View full text Add to dashboard Cite

show abstract

“…The limitations of the selected supplier are some deficiencies in the tendering and project implementation phases, such as Factory Acceptance Test facilities (FAT), response speed, and training for operational and maintenance staff. Other framework was introduced in R. Lopez Perez et al, F. Adamsky et al R. Sousa, and T. Engel 7 to defend a Supervisory Control and Data Acquisition (SCADA) approach opposed to outbursts utilizing Machine learning (ML) techniques. Their work concentrated on assessing ML performance in identifying anomalies in SCADA structures.…”

Section: Relevant Studiesmentioning

confidence: 99%

A smart PLC-SCADA framework for monitoring petroleum products terminals in industry 4.0 via machine learning

Rashad

Attallah

Morsi

2022

Measurement and Control

View full text Add to dashboard Cite

The paper introduces a Programmable Logic Controller (PLC) / Human Machine Interface (HMI) system incorporated along with machine learning (ML) classifiers. Although some other studies have incorporated ML techniques to predict and control petroleum product terminals in terms of concentration, the proposed framework incorporates Add On Instruction (AOI) programming, PLC, and ML methods to automatically monitor petroleum products terminals. The framework adds an AOI in programming to achieve maximum usage of processor capabilities. Moreover, it uses AOI for programming in cooperation with the ladder diagram (LD). This leads to simplifying the LD graphical programming language, reducing the time of scanning, and making facilitate troubleshooting. The AOI is merged with ML to automate tank level detection and maintain good operational conditions and consequently protect these expensive essential assets. The introduced framework consists of three stages. The first stage is the PLC programming phase where the PLC is created using Add-On instructions. Next, HMI graphic displays are drawn and linked to the PLC tags in the following stage. During the third stage, the actual process readings are applied to the system based on ML algorithms to test its functionality. The proposed system results indicates a reduction in the LD number, highest program size, and maximum time of scanning. The results indicate that the AOI can help to trace the program more easily in fault situations. Besides, additional program instructions could reduce processor memory, system construction costs, and upgrade projects.

show abstract

Detecting covert channel attacks on cyber‐physical systems

Li,

Chasaki

2023

IET Cyber-Phy Sys Theory & Ap

View full text Add to dashboard Cite

Cyberattacks on cyber‐physical systems (CPS) have the potential to cause widespread disruption and affect the safety of millions of people. Machine learning can be an effective tool for detecting attacks on CPS, including the most stealthy types of attacks, known as covert channel attacks. In this study, the authors describe a novel hierarchical ensemble architecture for detecting covert channel attacks in CPS. Our proposed approach uses a combination of TCP payload entropy and network flows for feature engineering. Our approach achieves high detection performance, shortens the model training duration, and shows promise for effective detection of covert channel communications. This novel architecture closely mirrors the CPS attack stages in real‐life, providing flexibility and adaptability in detecting new types of attacks.

show abstract

Forget the Myth of the Air Gap: Machine Learning for Reliable Intrusion Detection in SCADA Systems

Cited by 13 publications

References 30 publications

LoGD-ai: An Efficient Network Intrusion Detection System Using a Soft Voting-Based Ensemble Learner

LoGD-ai: An Efficient Network Intrusion Detection System Using a Soft Voting-Based Ensemble Learner

A smart PLC-SCADA framework for monitoring petroleum products terminals in industry 4.0 via machine learning

Detecting covert channel attacks on cyber‐physical systems

Contact Info

Product

Resources

About