Supervisory Control and Data Acquisition (SCADA) systems are industrial control systems that are used to monitor critical infrastructures such as airports, transport, health and public services of national importance. These are cyber physical systems, which are increasingly integrated with networks and Internet of Things devices to provide benefits such as timely operational feedback and visibility. However, this results in a larger attack surface for cyber threats, making it important to identify and thwart cyber-attacks by detecting anomalous network traffic patterns. Compared to other techniques, as well as detecting known attack patterns, machine learning can also detect new and evolving threats. Autoencoders are a type of neural network that generates a compressed representation of its input data and through reconstruction loss of inputs can help identify anomalous data. In this paper we propose the use of autoencoders for unsupervised anomaly based intrusion detection using an appropriate differentiating threshold from the loss distribution and demonstrate improvements in results compared to other techniques for SCADA gas pipeline dataset.
|Journal||International Journal of Artificial Intelligence and Machine Learning (IJAIML)|
|Publication status||Accepted/In press - 9 Jun 2020|
- anomaly detection, SCADA, clustering, classification, IoT, neural networks, intrusion detection, machine learning, autoencoders