Autoencoder based anomaly detection for SCADA networks

Sajid Nazir, Shushma Patel, Dilip Patel

Research output: Contribution to journalArticle

Abstract

Supervisory Control and Data Acquisition (SCADA) systems are industrial control systems that are used to monitor critical infrastructures such as airports, transport, health and public services of national importance. These are cyber physical systems, which are increasingly integrated with networks and Internet of Things devices to provide benefits such as timely operational feedback and visibility. However, this results in a larger attack surface for cyber threats, making it important to identify and thwart cyber-attacks by detecting anomalous network traffic patterns. Compared to other techniques, as well as detecting known attack patterns, machine learning can also detect new and evolving threats. Autoencoders are a type of neural network that generates a compressed representation of its input data and through reconstruction loss of inputs can help identify anomalous data. In this paper we propose the use of autoencoders for unsupervised anomaly based intrusion detection using an appropriate differentiating threshold from the loss distribution and demonstrate improvements in results compared to other techniques for SCADA gas pipeline dataset.
Original languageEnglish
JournalInternational Journal of Artificial Intelligence and Machine Learning (IJAIML)
Publication statusAccepted/In press - 9 Jun 2020

Keywords

  • anomaly detection, SCADA, clustering, classification, IoT, neural networks, intrusion detection, machine learning, autoencoders

Fingerprint Dive into the research topics of 'Autoencoder based anomaly detection for SCADA networks'. Together they form a unique fingerprint.

  • Cite this