Integrated OCSVM mechanism for intrusion detection in SCADA systems

Cited by: 43
Authors
Maglaras, Leandros A. [1]
Jiang, Jianmin [1]
Cruz, Tiago [2]
Affiliations
[1] Univ Surrey, Fac Engn & Phys Sci, Dept Comp, Guildford GU2 7XH, Surrey, England
[2] Univ Coimbra, Dept Informat Engn, P-15780 Coimbra, Portugal
Keywords
Interactive computer systems - Support vector machines - Real time systems - Intrusion detection;
DOI
10.1049/el.2014.2897
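Chinese Library Classification number
TM [Electrical engineering]; TN [Electronics and communication technology];
Discipline classification code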
0808 ; 0809 ;
Abstract
Intrusion detection in real-time systems is a problem without a profound solution. In supervisory control and data acquisition (SCADA) systems the absence of a defence mechanism that can cope with different types of intrusions is of great importance. False positive alarms or mistakes regarding the origin of the intrusion mean severe costs for the system. An integrated one-class support vector machine (OCSVM) mechanism that is distributed in a SCADA network is presented, as a part of an intrusion detection system, providing accurate information about the origin and the time of an intrusion. The module reads the network traffic, splits traffic according to the source of the packets and creates a cluster of OCSVM models. These trained models run in parallel and can recognise different types of attacks quickly and accurately.
Pages: 1935 / 1936
Number of pages: 2