A real time OCSVM Intrusion Detection module with low overhead for SCADA systems
Journal Title: International Journal of Advanced Research in Artificial Intelligence (IJARAI) - Year 2014, Vol 3, Issue 10
Abstract
In this paper we present an intrusion detection module capable of detecting malicious network traffic in a SCADA (Supervisory Control and Data Acquisition) system. Malicious data in a SCADA system disrupt its correct functioning and tamper with its normal operation. OCSVM (One-Class Support Vector Machine) is an intrusion detection mechanism that does not need any labeled data for training or any information about the kind of anomaly it is expecting for the detection process. This feature makes it ideal for processing SCADA environment data and automating SCADA performance monitoring. The OCSVM module developed is trained offline on network traces and detects anomalies in the system in real time. In order to decrease the overhead induced by communicated alarms, we propose a new detection mechanism that is based on the combination of OCSVM with a recursive k-means clustering procedure. The proposed intrusion detection module, K-OCSVM, is capable of distinguishing severe alarms from possible attacks regardless of the values of parameters and , making it ideal for real-time intrusion detection mechanisms for SCADA systems. The most severe alarms are then communicated with the use of IDMEF files to an IDS (Intrusion Detection System) that is developed under the CockpitCI project. Alarm messages carry information about the source of the incident, the time of the intrusion and a classification of the alarm.
Authors and Affiliations
Leandros Maglaras, Jianmin Jiang