Omni SCADA Intrusion Detection Using Deep Learning Algorithms

Cited by: 62
Authors
Gao, Jun [1]
Gan, Luyun [1]
Buschendorf, Fabiola [2,3]
Zhang, Liao [1]
Liu, Hua [4]
Li, Peixue [4]
Dong, Xiaodai [1]
Lu, Tao [1]
Affiliations
[1] Univ Victoria, Dept Elect & Comp Engn, Victoria, BC V8P 5C2, Canada
[2] Univ Gottingen, Dept Comp Sci, D-37073 Gottingen, Germany
[3] Tech Univ Darmstadt, D-64289 Darmstadt, Germany
[4] Fortinet Technol Inc, Res & Dev Dept, Sunnyvale, CA 94086 USA
Keywords
Feature extraction; IP networks; Registers; Machine learning; Intrusion detection; Software; Denial of Service (DoS); feedforward neural networks (FNNs); intrusion detection; intrusion detection system (IDS); long-short term memory (LSTM); Modbus; multilayer perceptron; network security; supervised learning; supervisory control and data acquisition (SCADA) systems; DETECTION SYSTEM;
DOI
10.1109/JIOT.2020.3009180
Chinese Library Classification number
TP [Automation Technology, Computer Technology];
Discipline classification code
0812 ;
Abstract
In this article, we investigate deep-learning-based omni intrusion detection system (IDS) for supervisory control and data acquisition (SCADA) networks that are capable of detecting both temporally uncorrelated and correlated attacks. Regarding the IDSs developed in this article, a feedforward neural network (FNN) can detect temporally uncorrelated attacks at an F1 of 99.967±0.005 but correlated attacks as low as 58±2. In contrast, long short-term memory (LSTM) detects correlated attacks at 99.56±0.01 while uncorrelated attacks at 99.3±0.1. Combining LSTM and FNN through an ensemble approach further improves the IDS performance with F1 of 99.68±0.04 regardless of the temporal correlations among the data packets.
Pages: 951 / 961
Number of pages: 11