Omni SCADA intrusion detection
We investigate deep learning based omni intrusion detection system (IDS) for supervisory control and data acquisition (SCADA) networks that are capable of detecting both temporally uncorrelated and correlated attacks. Regarding the IDSs developed in this paper, a feedforward neural network (FNN) c...
| Main Author: | |
|---|---|
| Other Authors: | |
| Format: | Others |
| Language: | English en |
| Published: |
2020
|
| Subjects: | |
| Online Access: | http://hdl.handle.net/1828/11745 |
| id |
ndltd-uvic.ca-oai-dspace.library.uvic.ca-1828-11745 |
|---|---|
| record_format |
oai_dc |
| spelling |
ndltd-uvic.ca-oai-dspace.library.uvic.ca-1828-117452020-05-12T15:34:38Z Omni SCADA intrusion detection Gao, Jun Lu, Tao SCADA Industrial control system Modbus LSTM IDS Deep learning Recurrent neural network We investigate deep learning based omni intrusion detection system (IDS) for supervisory control and data acquisition (SCADA) networks that are capable of detecting both temporally uncorrelated and correlated attacks. Regarding the IDSs developed in this paper, a feedforward neural network (FNN) can detect temporally uncorrelated attacks at an F1 of 99.967±0.005% but correlated attacks as low as 58±2%. In contrast, long-short term memory (LSTM) detects correlated attacks at 99.56±0.01% while uncorrelated attacks at 99.3±0.1%. Combining LSTM and FNN through an ensemble approach further improves the IDS performance with F1 of 99.68±0.04% regardless the temporal correlations among the data packets. Graduate 2020-05-11T19:16:51Z 2020-05-11T19:16:51Z 2020 2020-05-11 Thesis http://hdl.handle.net/1828/11745 English en Available to the World Wide Web application/pdf |
| collection |
NDLTD |
| language |
English en |
| format |
Others
|
| sources |
NDLTD |
| topic |
SCADA Industrial control system Modbus LSTM IDS Deep learning Recurrent neural network |
| spellingShingle |
SCADA Industrial control system Modbus LSTM IDS Deep learning Recurrent neural network Gao, Jun Omni SCADA intrusion detection |
| description |
We investigate deep learning based omni intrusion detection system (IDS) for supervisory control and data acquisition (SCADA) networks that are capable of detecting
both temporally uncorrelated and correlated attacks. Regarding the IDSs developed
in this paper, a feedforward neural network (FNN) can detect temporally uncorrelated attacks at an F1 of 99.967±0.005% but correlated attacks as low as 58±2%. In
contrast, long-short term memory (LSTM) detects correlated attacks at 99.56±0.01%
while uncorrelated attacks at 99.3±0.1%. Combining LSTM and FNN through an
ensemble approach further improves the IDS performance with F1 of 99.68±0.04%
regardless the temporal correlations among the data packets. === Graduate |
| author2 |
Lu, Tao |
| author_facet |
Lu, Tao Gao, Jun |
| author |
Gao, Jun |
| author_sort |
Gao, Jun |
| title |
Omni SCADA intrusion detection |
| title_short |
Omni SCADA intrusion detection |
| title_full |
Omni SCADA intrusion detection |
| title_fullStr |
Omni SCADA intrusion detection |
| title_full_unstemmed |
Omni SCADA intrusion detection |
| title_sort |
omni scada intrusion detection |
| publishDate |
2020 |
| url |
http://hdl.handle.net/1828/11745 |
| work_keys_str_mv |
AT gaojun omniscadaintrusiondetection |
| _version_ |
1719314930206769152 |