Omni SCADA intrusion detection

Files

Jun_Gao_MASC_2020.pdf (3.39 MB)

Date

2020-05-11

Authors

Gao, Jun

Journal Title

Journal ISSN

Volume Title

Publisher

Abstract

We investigate deep learning based omni intrusion detection system (IDS) for supervisory control and data acquisition (SCADA) networks that are capable of detecting both temporally uncorrelated and correlated attacks. Regarding the IDSs developed in this paper, a feedforward neural network (FNN) can detect temporally uncorrelated attacks at an F1 of 99.967±0.005% but correlated attacks as low as 58±2%. In contrast, long-short term memory (LSTM) detects correlated attacks at 99.56±0.01% while uncorrelated attacks at 99.3±0.1%. Combining LSTM and FNN through an ensemble approach further improves the IDS performance with F1 of 99.68±0.04% regardless the temporal correlations among the data packets.

Description

Keywords

SCADA, Industrial control system, Modbus, LSTM, IDS, Deep learning, Recurrent neural network

Citation

URI

http://hdl.handle.net/1828/11745

Collections

ETD (Electronic Theses and Dissertations)
Theses (Electrical and Computer Engineering)
 
University of Victoria Libraries

We acknowledge and respect the Lək̓ʷəŋən (Songhees and Esquimalt) Peoples on whose territory the university stands, and the Lək̓ʷəŋən and W̱SÁNEĆ Peoples whose historical relationships with the land continue to this day.