Symmetrical Resilience: Detection of Cyberattacks for SCADA Systems Used in IIoT in Big Data Environments

Cited by: 0
Authors
Okur, Celil [1]
Dener, Murat [1]
Affiliations
[1] Gazi Univ, Grad Sch Nat & Appl Sci, Informat Secur Engn, TR-06560 Ankara, Turkiye
Source
SYMMETRY-BASEL | 2025 / Volume 17 / Issue 04
Keywords
big data; machine learning; deep learning; SCADA security; IIoT security; attack detection; anomaly detection; cybersecurity; HYBRID INTRUSION DETECTION; MACHINE;
DOI
10.3390/sym17040480
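Chinese Library Classification (CLC) number
O [Mathematical Sciences and Chemistry]; P [Astronomy and Earth Sciences]; Q [Biological Sciences]; N [General Natural Sciences];
Discipline classification code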
07 ; 0710 ; 09 ;
Abstract
In recent years, Internet of Things (IoT) systems are used in Industrial Internet of Things (IIoT) systems due to their widespread use in industrial sectors, providing convenience to users in SCADA systems, like other domains. In addition to the diverse technological advancements discussed, the inherent symmetry within the network structures of SCADA systems utilized in the IIoT echoes a fundamental balance sought in digital frameworks. However, along with the advantages of IIoT systems, there are also disadvantages, one major drawback being their vulnerability to attacks. It has been observed that advanced methods such as artificial intelligence, unlike traditional detection techniques, are more successful at detecting attacks on IIoT systems used in SCADA systems. The proposed model was developed to detect cyberattacks on SCADA systems using machine learning and deep learning models. The SCADA network traffic consists of over 7 million rows and has a size of 627 MB. Attack network traffic refers to the type of traffic aimed at causing damage to the system. The attack traffic in this study includes five different attacks. Normal traffic is the type of traffic that facilitates the system's usual communication. Prepared network traffic is not a different type of traffic. Prepared network traffic, as named, is the state of the traffic dataset that has been made ready for analysis with models. The prepared network traffic was examined using eight machine learning models, including the CART, Decision Tree, KNN, Logistic Regression, Naive Bayes, Random Forest, SVM, and XGBoost models, as well as seven deep learning models, namely, CNN, GRU, LSTM, MLP, RNN, CNN-LSTM, and LSTM-CNN. During the evaluation of the models, performance parameters such as the accuracy, F-score, precision, and recall were considered, and the results are presented accordingly. Upon examining the dataset with various models, the highest outcomes were achieved using the MLP model. 
The investigation utilizing the MLP model resulted in an accuracy of 99.95%, a precision of 99.63%, a recall of 99.49%, and an F-score of 99.56%. These values were obtained with a batch-size combination of 100 and 20 epochs. By addressing cyberattack detection in SCADA systems used in the IIoT within a big data environment, the study encompasses a multidisciplinary approach, touching upon cybersecurity, big data analytics, AI, information security, and IoT-related concerns, all of which are focal points within the scope of the journal. This breadth and depth of coverage make the study highly relevant and aligned with the diverse interests of the journal.
Pages: 28
Related papers
43 items in total
  • [1] A Machine-Learning-Based Technique for False Data Injection Attacks Detection in Industrial IoT
    Aboelwafa, Mariam M. N.
    Seddik, Karim G.
    Eldefrawy, Mohamed H.
    Gadallah, Yasser
    Gidlund, Mikael
    [J]. IEEE INTERNET OF THINGS JOURNAL, 2020, 7 (09) : 8462 - 8471
  • [2] Identification of malicious activities in industrial internet of things based on deep learning models
    AL-Hawawreh, Muna
    Moustafa, Nour
    Sitnikova, Elena
    [J]. JOURNAL OF INFORMATION SECURITY AND APPLICATIONS, 2018, 41 : 1 - 11
  • [3] Detection of interruption attack in the wireless networked closed loop industrial control systems
    Benisha, R. B.
    Raja Ratna, S.
    [J]. TELECOMMUNICATION SYSTEMS, 2020, 73 (03) : 359 - 370
  • [4] Binnar Pranita, 2024, Cyber Security and Applications, V2, DOI 10.1016/j.csa.2023.100034
  • [5] Blyth A., 2022, P IEEE INT C CYB SEC, P1
  • [6] The industrial internet of things (IIoT): An analysis framework
    Boyes, Hugh
    Hallaq, Bit
    Cunningham, Joe
    Watson, Tim
    [J]. COMPUTERS IN INDUSTRY, 2018, 101 : 1 - 12
  • [7] Random forests
    Breiman, L
    [J]. MACHINE LEARNING, 2001, 45 (01) : 5 - 32
  • [8] Chen L., 2021, IEEE Access, V9, P62036
  • [9] A Weighted Machine Learning-Based Attacks Classification to Alleviating Class Imbalance
    Chkirbene, Zina
    Erbad, Aiman
    Hamila, Ridha
    Gouissem, Ala
    Mohamed, Amr
    Guizani, Mohsen
    Hamdi, Mounir
    [J]. IEEE SYSTEMS JOURNAL, 2021, 15 (04) : 4780 - 4791
  • [10] A Stacked Ensemble Classifier for an Intrusion Detection System in the Edge of IoT and IIoT Networks
    da Silva Oliveira, Giovanni Aparecido
    Silva Lima, Priscila Serra
    Kon, Fabio
    Terada, Routo
    Batista, Daniel MaceDo
    Hirata, Roberto
    Hamdan, Mosab
    [J]. 2022 IEEE LATIN-AMERICAN CONFERENCE ON COMMUNICATIONS (LATINCOM), 2022,