New Approach to Determine DDoS Attack Patterns on SCADA System Using Machine Learning

Recently, the importance of Supervisory Control and Data Acquisition (SCADA) systems has grown for many industries around the world. These systems are controlling many vital infrastructures such as grids of power, plants, and water treatment systems. In fact, nowadays SCADA systems cannot be isolated from the public and thus being more vulnerable and exposed to many malicious attacks. Several studies have reviewed the latest developments in cyber-security risks for SCADA systems and found that many factors are responsible for increasing the amount and the level of risks on modern control systems. Among such factors are the network architecture and the reliance on standard technologies that have known vulnerabilities. In this paper, we attempt to improve a framework of SCADA system against Distributed Denial of Service (DDoS) attacks using three machine learning algorithms (i)J48; (ii) Naive Bayes; (iii) Random Forest to determine the attack patterns. These algorithms were trained and evaluated on KDDCup'99 dataset. The preprocessing phase of the dataset was conducted based on the goal of the paper and the obtained results showed that the best classification is obtained using Random Forest classifier (RF) with 99.99% accuracy rate, while Naive Bayes classifier has the lowest accuracy rate of 97.74%.