Authors
Patric Nader, Paul Honeine, Pierre Beauseroy
Title
l_p-norms in One-Class Classification for Intrusion Detection in SCADA Systems
In
IEEE Transactions on Industrial Informatics
Volume
10
Issue
4
Pages
2308–2317
Publisher
IEEE
Year
2014
Publisher's URL
http://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber=6846360
Abstract
The massive use of information and communication technologies in supervisory control and data acquisition (SCADA) systems opens new ways for carrying out cyberattacks against critical infrastructures relying on SCADA networks. The various vulnerabilities in these systems and the heterogeneity of cyberattacks make the task extremely difficult for traditional intrusion detection systems (IDS). Modeling cyberattacks has become nearly impossible and their potential consequences may be very severe. The primary objective of this work is to detect malicious intrusions once they have already bypassed traditional IDS and firewalls. This paper investigates the use of machine learning for intrusion detection in SCADA systems using one-class classification algorithms. Two approaches of one-class classification are investigated: 1) the support vector data description (SVDD); and 2) the kernel principal component analysis. The impact of the considered metric is examined in detail with the study of l_p-norms in radial basis function (RBF) kernels. A heuristic is proposed to find an optimal choice of the bandwidth parameter in these kernels. Tests are conducted on real data with several types of cyberattacks.