Open AccessIntegrated OCSVM mechanism for intrusion detection in SCADA systems
Author(s) -
Maglaras Leandros A.,
Jiang Jianmin,
Cruz Tiago
Publication year - 2014
Publication title -
electronics letters
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.375
H-Index - 146
ISSN - 1350-911X
DOI - 10.1049/el.2014.2897
Subject(s) - scada , intrusion detection system , network packet , computer science , anomaly based intrusion detection system , misuse detection , mechanism (biology) , support vector machine , data mining , real time computing , artificial intelligence , computer security , engineering , philosophy , epistemology , electrical engineering
Intrusion detection in real‐time systems is a problem without a profound solution. In supervisory control and data acquisition (SCADA) systems the absence of a defence mechanism that can cope with different types of intrusions is of great importance. False positive alarms or mistakes regarding the origin of the intrusion mean severe costs for the system. An integrated one‐class support vector machine (OCSVM) mechanism that is distributed in a SCADA network is presented, as a part of an intrusion detection system, providing accurate information about the origin and the time of an intrusion. The module reads the network traffic, splits traffic according to the source of the packets and creates a cluster of OCSVM models. These trained models run in parallel and can accurately and fast recognise different types of attacks.