Attacks detection in SCADA systems using an improved non-nested generalized exemplars algorithm

Abstract

Supervisory Control and Data Acquisition (SCADA) systems became vital targets for intruders because of the large volume of its sensitive data. The Cyber Physical Power Systems (CPPS) is an example of these systems in which the deregulation and multipoint communication between consumers and utilities involve large volume of high speed heterogeneous data. The Non-Nested Generalized Exemplars (NNGE) algorithm is one of the most accurate classification techniques that can work with such data of CPPS. However, NNGE algorithm tends to produce rules that test a large number of input features. This poses some problems for the large volume data and hinders the scalability of any detection system. In this paper, we introduce our new Feature Selection and Data Reduction Method (FSDRM) to improve the classification accuracy and speed of the NNGE algorithm and to reduce the computational resource consumption. FSDRM provides the following functionalities: (1) it reduces the dataset features by selecting the most significant ones, (2) it reduces the NNGE's hyperrectangles classifiers. The experiments show that the FSDRM reduces the NNGE hyperrectangles by 29.06%, 37.34%, and 26.76% and improves the classification accuracy of the NNGE by 8.57%, 4.19%, and 3.78% using the Multi, Binary, and Triple class datasets respectively.