Neural network based anomaly detection for SCADA systems

Neural networks are widely used for anomaly detection in order to identify and classify cyber attacks at network level. In particular in critical infrastructures like the electric power grid, the reliable detection and mitigation of attacks is vital as communication infrastructure availability is often indispensable for the proper operation of such systems. We propose a combination of a deep feed forward neural network as a classifier and a deep autoencoder for anomaly detection to gain a high detection rate and at the same time a low error rate. Two different data sets were used to evaluate the applicability and performance of our approach. The aim is to deploy our neural network based anomaly detection in an software-defined network (SDN) that is carrying SCADA traffic and where the controller is providing traffic flow information for anomaly detection.