Attack Detection Using Artificial Intelligence Methods for SCADA Security

IF 8.9 1区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

IEEE Internet of Things Journal Pub Date : 2024-08-22 DOI:10.1109/JIOT.2024.3447876

Nesibe Yalçın;Semih Çakır;Sibel Ünaldı

{"title":"Attack Detection Using Artificial Intelligence Methods for SCADA Security","authors":"Nesibe Yalçın;Semih Çakır;Sibel Ünaldı","doi":"10.1109/JIOT.2024.3447876","DOIUrl":null,"url":null,"abstract":"Technological developments and transformations have rapidly risen since the Fourth Industrial Revolution. The prevalence of industrial devices interconnected over the wireless sensor networks and the provision of a sustainable data flow reveal the importance of the Industrial Internet of Things (IIoT). In the manufacturing industry, supervisory control and data acquisition (SCADA) systems are used to control IIoT for critical infrastructure. A cyberattack on the network-based communication structure embedded into the architecture of industrial equipment can significantly disrupt/sabotage product manufacturing and other industrial operations. The digitization of industrial control systems can expose the systems to malicious actors and therefore requires additional security solutions, such as intrusion detection systems (IDSs). Increasing sophistication of cyberattacks, industrial companies need to adopt innovative solutions like artificial intelligence (AI)-based attack detection to protect their valuable assets. In addition, AI-based approaches are more effective as they analyze network traffic, identify threats, and adapt to new attack techniques. This study aims to develop an AI-based IDS with high accuracy for SCADA security. In the study, cyberattacks that may occur against SCADA systems are examined. AI methods (including K-nearest neighbor, quadratic discriminant analysis, adaptive boosting, gradient boosting, and random forest) in different categories are used and AI models with various parameters are built. To improve the detection performance of the models, comprehensive experiments are carried out on two different SCADA data sets. As a result of experiments, the test accuracy rates exceeding 96.82% are achieved by all models: on the WUSTL-IIOT-2021 data set, the XGB model has outperformed with an accuracy of 99.99%.","PeriodicalId":54347,"journal":{"name":"IEEE Internet of Things Journal","volume":"11 24","pages":"39550-39559"},"PeriodicalIF":8.9000,"publicationDate":"2024-08-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=10643587","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Internet of Things Journal","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10643587/","RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

Technological developments and transformations have rapidly risen since the Fourth Industrial Revolution. The prevalence of industrial devices interconnected over the wireless sensor networks and the provision of a sustainable data flow reveal the importance of the Industrial Internet of Things (IIoT). In the manufacturing industry, supervisory control and data acquisition (SCADA) systems are used to control IIoT for critical infrastructure. A cyberattack on the network-based communication structure embedded into the architecture of industrial equipment can significantly disrupt/sabotage product manufacturing and other industrial operations. The digitization of industrial control systems can expose the systems to malicious actors and therefore requires additional security solutions, such as intrusion detection systems (IDSs). Increasing sophistication of cyberattacks, industrial companies need to adopt innovative solutions like artificial intelligence (AI)-based attack detection to protect their valuable assets. In addition, AI-based approaches are more effective as they analyze network traffic, identify threats, and adapt to new attack techniques. This study aims to develop an AI-based IDS with high accuracy for SCADA security. In the study, cyberattacks that may occur against SCADA systems are examined. AI methods (including K-nearest neighbor, quadratic discriminant analysis, adaptive boosting, gradient boosting, and random forest) in different categories are used and AI models with various parameters are built. To improve the detection performance of the models, comprehensive experiments are carried out on two different SCADA data sets. As a result of experiments, the test accuracy rates exceeding 96.82% are achieved by all models: on the WUSTL-IIOT-2021 data set, the XGB model has outperformed with an accuracy of 99.99%.

查看原文本刊更多论文

利用人工智能方法检测 SCADA 安全攻击

自第四次工业革命以来，技术发展和变革迅速发展。通过无线传感器网络互联的工业设备的普及以及可持续数据流的提供揭示了工业物联网（IIoT）的重要性。在制造业中，监控和数据采集（SCADA）系统用于控制关键基础设施的工业物联网。对嵌入到工业设备架构中的基于网络的通信结构的网络攻击可以严重破坏/破坏产品制造和其他工业操作。工业控制系统的数字化可能会将系统暴露给恶意行为者，因此需要额外的安全解决方案，例如入侵检测系统（ids）。网络攻击越来越复杂，工业企业需要采用基于人工智能（AI）的攻击检测等创新解决方案来保护其宝贵资产。此外，基于人工智能的方法更有效，因为它们可以分析网络流量、识别威胁并适应新的攻击技术。本研究旨在为SCADA安全开发一种基于人工智能的高精度IDS。在研究中，网络攻击可能发生对SCADA系统进行了检查。采用不同类别的人工智能方法（包括k近邻、二次判别分析、自适应增强、梯度增强和随机森林），建立不同参数的人工智能模型。为了提高模型的检测性能，在两种不同的SCADA数据集上进行了综合实验。实验结果表明，所有模型的测试准确率均超过96.82%：在WUSTL-IIOT-2021数据集上，XGB模型的准确率达到99.99%。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

IEEE Internet of Things Journal Computer Science-Information Systems

CiteScore

17.60

自引率

13.20%

发文量

1982

期刊介绍： The EEE Internet of Things (IoT) Journal publishes articles and review articles covering various aspects of IoT, including IoT system architecture, IoT enabling technologies, IoT communication and networking protocols such as network coding, and IoT services and applications. Topics encompass IoT's impacts on sensor technologies, big data management, and future internet design for applications like smart cities and smart homes. Fields of interest include IoT architecture such as things-centric, data-centric, service-oriented IoT architecture; IoT enabling technologies and systematic integration such as sensor technologies, big sensor data management, and future Internet design for IoT; IoT services, applications, and test-beds such as IoT service middleware, IoT application programming interface (API), IoT application design, and IoT trials/experiments; IoT standardization activities and technology development in different standard development organizations (SDO) such as IEEE, IETF, ITU, 3GPP, ETSI, etc.