Abstract
Using probabilistic risk assessment and decision-making methodology, this study analyzes and manages risks to Supervisory Control and Data Acquisition (SCADA) systems that are made on purpose. Seemingly, the attacker can launch attacks anywhere in the world from a single place. Viruses and other dangerous executables tend to stay in the system for a while and then spread their copy to other systems on the network. One of the greatest issues for security experts is detecting cyber-attacks and starting immediate recovery from them when they have spread across the entire system at a triggered time and are doing significant harm. Any SCADA system that has been compromised can have an effect on the functioning of functional blocks and measured parameters, changes in the operating circumstances of the installations, and abnormal beginnings, stops, and modifications to the installed units as instructed by the attackers. Samples are represented as a separate byte file in this study after the raw dataset has been preprocessed. The byte file is used for both testing and training prediction models using statistical processes, which can then be utilized to detect malware in critical infrastructure systems. Finding malicious executables based on both nature and signature is the focus of this study. Each model's conclusion is found on limited malware data samples; however, these samples produce convincing results for previously unidentified malware. The results of the experiments reveal that, when there are few training samples available for a given harmful file, modified K-neighbor outperforms Logistic Regression and Random Forest.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Adepu, S., Mathur, A.: Distributed attack detection in a water treatment plant: method and case study. IEEE Trans. Depend. Sec. Comput. 18(1), 86–99 (2018)
Alabadi, M., Celik, Y.: Anomaly detection for cyber-security based on convolution neural network: a survey. In: 2020 International Congress on Human-Computer Interaction, Optimization and Robotic Applications (HORA), pp. 1–14. IEEE (2020)
Amin, S., Litrico, X., Sastry, S., Bayen, A.M.: Cyber security of water SCADA systems—Part I: analysis and experimentation of stealthy deception attacks. IEEE Trans. Control Syst. Technol. 21(5), 1963–1970 (2012)
Brantly, A.F., Kostyuk, N., Lindsay, J.R., Maschmeyer, L., Pakharenko, G.: The cyber dimension of the crisis in Ukraine: an expert panel discussion (2022)
Chen, T.M., Abu-Nimeh, S.: Lessons from Stuxnet. Computer 44(4), 91–93 (2011)
Fernandez, J.D., Fernandez, A.E.: SCADA systems: vulnerabilities and remediation. J. Comput. Sci. Coll. 20(4), 160–168 (2005)
Geers, K., Kindlund, D., Moran, N., Rachwald, R.: World War C: understanding nation-state motives behind today’s advanced cyber-attacks. Technical report, FireEye, Milpitas, CA, USA, September 2014 (2014)
Gupta, M., Mittal, S., Abdelsalam, M.: AI assisted malware analysis: a course for next generation cybersecurity workforce. arXiv preprint arXiv:2009.11101 (2020)
Gungor, V.C., et al.: Smart grid technologies: communication technologies and standards. IEEE Trans. Ind. Inf. 7(4), 529–539 (2011)
Jha, Sudan, Deepak Prashar, Hoang Viet Long, and David Taniar(2020). “Recurrent neural network for detecting malware.“ Computers & Security 99: 102037
Kumar, N., Mukhopadhyay, S., Gupta, M., Handa, A., Shukla, S.K.: Malware classification using early stage behavioral analysis. In: 2019 14th Asia Joint Conference on Information Security (AsiaJCIS), pp. 16–23. IEEE (2019)
Kang, D.J., Robles, R.J.: Compartmentalization of protocols in SCADA communication. Int. J. Adv. Sci. Technol. 8, 27–36 (2009)
Karnouskos, S.: Stuxnet worm impact on industrial cyber-physical system security. In: IECON 2011 - 37th Annual Conference of the IEEE Industrial Electronics Society, pp. 4490–4494. IEEE, November 2011
Karnouskos, S., Colombo, A.W.: Architecting the next generation of service-based SCADA/DCS system of systems. In: IECON 2011-37th Annual Conference of the IEEE Industrial Electronics Society, pp. 359–364. IEEE, November 2011
Li, X., Qiu, K., Qian, C., Zhao, G.: An adversarial machine learning method based on OpCode N. IEEE (2020)
Mills, A., Legg, P.: Investigating anti-evasion malware triggers using automated sandbox reconfiguration techniques. J. Cybersecur. Priv. 1(1), 19–39 (2020)
Mohee, A.: Cyber war: the hidden side of the Russian-Ukrainian crisis (2022)
Mwiki, H., Dargahi, T., Dehghantanha, A., Choo, K.-K.: Analysis and triage of advanced hacking groups targeting western countries critical national infrastructure: APT28, RED October, and Regin. In: Gritzalis, D., Theocharidou, M., Stergiopoulos, G. (eds.) Critical infrastructure security and resilience. ASTSA, pp. 221–244. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-00024-0_12
Nicholson, A., Webber, S., Dyer, S., Patel, T., Janicke, H.: SCADA security in the light of Cyber-Warfare. Comput. Secur. 31(4), 418–436 (2012)
Singh, A., Handa, A., Kumar, N., Shukla, S.K.: Malware classification using image representation. In: Dolev, S., Hendler, D., Lodha, S., Yung, M. (eds.) CSCML 2019. LNCS, vol. 11527, pp. 75–92. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-20951-3_6
Stouffer, K., Falco, J.: Guide to supervisory control and data acquisition (SCADA) and industrial control systems security. National Institute of Standards and Technology (2006)
Tuptuk, N., Hazell, P., Watson, J., Hailes, S.: A systematic review of the state of cyber-security in water systems. Water 13, 81 (2021)
Mathur, A.P., Tippenhauer, N.O.: SWAT: a water treatment testbed for research and training on ICS security. In: 2016 International Workshop on Cyber-Physical Systems for Smart Water Networks (CySWater), pp. 31–36. IEEE (2016)
Mahmoud, R., Yousuf, T., Aloul, F., Zualkernan, I.: Internet of Things (IoT) security: current status, challenges and prospective measures. In: 2015 10th International Conference for Internet Technology and Secured Transactions (ICITST), pp. 336–341, December 2015
Wen, Q., Dong, X., Zhang, R.: Application of dynamic variable cipher security certificate in internet of things. In: 2012 IEEE 2nd International Conference on Cloud Computing and Intelligence Systems, vol. 3, pp. 1062–1066. IEEE, October 2012
Wangen, G.: The role of malware in reported cyber espionage: a review of the impact and mechanism. Information 6(2), 183–211 (2015)
Yaacoub, J.P.A., Salman, O., Noura, H.N., Kaaniche, N., Chehab, A., Malli, M.: Cyber-physical systems security: limitations, issues and future trends. Microprocess. Microsyst. 77, 103201 (2020)
Zhioua, S.: The middle east under malware attack dissecting cyber weapons. In 2013 IEEE 33rd International Conference on Distributed Computing Systems Workshops, pp. 11–16. IEEE (2013)
Zhu, B., Joseph, A., Sastry, S.: A taxonomy of cyber attacks on SCADA systems. In: 2011 International Conference on Internet of Things and 4th International Conference on Cyber, Physical and Social Computing, pp. 380–388. IEEE, October 2011
Singh, S.D.: Ancient Indian Warfare: With Special Reference to the Vedic Period. Motilal Banarsidass Publ., Delhi (1989)
Cervini, J., Rubin, A., Watkins, L.: Don’t drink the cyber: extrapolating the possibilities of oldsmar’s water treatment cyberattack. In: International Conference on Cyber Warfare and Security, vol. 17, no. 1, pp. 19–25, March 2022
Giria, I.N.Y.T., Putria, L.A.A.R., Giria, G.A.V.M., Putraa, I.G.N.A.C., Widiarthaa, I.M., Suprianaa, I.W.: Music genre classification using modified k-nearest neighbor (MK-NN). Jurnal Elektronik Ilmu Komputer Udayana (2022). p-ISSN 2301-5373
Bodenheim, R., Butts, J., Dunlap, S., Mullins, B.: Evaluation of the ability of the Shodan search engine to identify Internet-facing industrial control devices. Int. J. Crit. Infrastruct. Prot. 7(2), 114–123 (2014)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Rai, M.K., Haripriya, K., Sharma, P. (2023). Modified K-Neighbor Outperforms Logistic Regression and Random Forest in Identifying Host Malware Across Limited Data Sets. In: Woungang, I., Dhurandher, S.K., Pattanaik, K.K., Verma, A., Verma, P. (eds) Advanced Network Technologies and Intelligent Computing. ANTIC 2022. Communications in Computer and Information Science, vol 1797. Springer, Cham. https://doi.org/10.1007/978-3-031-28180-8_8
Download citation
DOI: https://doi.org/10.1007/978-3-031-28180-8_8
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-28179-2
Online ISBN: 978-3-031-28180-8
eBook Packages: Computer ScienceComputer Science (R0)