An ensemble learning for anomaly identification in SCADA system
- 1 December 2017
- conference paper
- Published by Institute of Electrical and Electronics Engineers (IEEE) in 2017 7th International Conference on Power Systems (ICPS)
Abstract
With automation on the rise, SCADA (Supervisory Control and Data Acquisition) substations are being driven towards unmanned operation. The security of such substations is a major point of concern in the power system environment. Communication at substations can be inferred at the packet level for different purposes, such as establishing performance patterns of peripheral devices, anomaly detection, and threat identification. As the major contribution of this paper, we have implemented ensemble learning methods to identify anomalies in SCADA traffic on an in-house developed, industrial-compliant test bench. Anomalies are detected using deep packet inspection of SCADA network traffic. A mathematical model is defined for stream-based anomaly detection for SCADA traffic, and the results show the performance evaluation of the Decision tree and Random forest algorithms for anomaly detection.
This publication has 26 references indexed in Scilit:
- A Coordinated Multi-Switch Attack for Cascading Failures in Smart Grid. IEEE Transactions on Smart Grid, 2014
- Integrated Anomaly Detection for Cyber Security of the Substations. IEEE Transactions on Smart Grid, 2014
- Network Traffic Features for Anomaly Detection in Specific Industrial Control System Network. Future Internet, 2013
- TCP veto: A novel network attack and its Application to SCADA protocols. Published by Institute of Electrical and Electronics Engineers (IEEE), 2013
- How can cybersecurity be enhanced in existing substations minimizing impact on the automation and control system. Published by Institution of Engineering and Technology (IET), 2013
- A log mining approach for process monitoring in SCADA. International Journal of Information Security, 2012
- Difficulties in Modeling SCADA Traffic: A Comparative Analysis. Lecture Notes in Computer Science, 2012
- Anomaly Detection and Mitigation for Disaster Area Networks. Lecture Notes in Computer Science, 2010
- Safe and Secure Networked Control Systems under Denial-of-Service Attacks. Lecture Notes in Computer Science, 2009
- Security issues in SCADA networks. Computers & Security, 2006