Abstract
Industrial processes and systems have become more sophisticated and have been adopted in diverse areas of human activity. Industrial Control Systems (ICS) and the Internet of Things (IoT) have become essential to daily life and are therefore vital for contemporary society. These systems are often part of the Critical Information Infrastructure (CII), which is crucial for each state. Consequently, cyber defense is, and will remain, one of the most important security fields for our society. We therefore use a novelty detection approach to identify anomalies that can be a symptom of a cyber-attack in an ICS environment. To achieve the main goal of the article, the One-Class Support Vector Machine (OCSVM) algorithm was used. Moreover, the anomaly detection algorithm is adjusted via multi-criteria evaluation and classifier fusion.
Acknowledgments
This work was funded by the Internal Grant Agency (IGA/FAI/2018/003) and supported by the project ev. no. VI20152019049 “RESILIENCE 2015: Dynamic Resilience Evaluation of Interrelated Critical Infrastructure Subsystems”, supported by the Ministry of the Interior of the Czech Republic in the years 2015–2019, and also supported by the research project VI20172019054 “An analytical software module for the real-time resilience evaluation from point of the converged security”, supported by the Ministry of the Interior of the Czech Republic in the years 2017–2019. Moreover, this work was supported by the Ministry of Education, Youth and Sports of the Czech Republic within the National Sustainability Programme project No. LO1303 (MSMT-7778/2014) and also by the European Regional Development Fund under the project CEBIA-Tech No. CZ.1.05/2.1.00/03.0089. Finally, we thank our colleagues from Mississippi State University and Oak Ridge National Laboratory, who provide the SCADA datasets.
Copyright information
© 2019 Springer International Publishing AG, part of Springer Nature
About this paper
Cite this paper
Vávra, J., Hromada, M. (2019). Novelty Detection System Based on Multi-criteria Evaluation in Respect of Industrial Control System. In: Silhavy, R. (eds) Cybernetics and Algorithms in Intelligent Systems. CSOC2018 2018. Advances in Intelligent Systems and Computing, vol 765. Springer, Cham. https://doi.org/10.1007/978-3-319-91192-2_28
DOI: https://doi.org/10.1007/978-3-319-91192-2_28
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-91191-5
Online ISBN: 978-3-319-91192-2
eBook Packages: Intelligent Technologies and Robotics (R0)