scholarly journals Autoencoder Based Anomaly Detection for SCADA Networks

2021 ◽  
Vol 11 (2) ◽  
pp. 83-99
Author(s):  
Sajid Nazir ◽  
Shushma Patel ◽  
Dilip Patel
Keyword(s):  
Cyber Attacks ◽  
Traffic Patterns ◽  
Industrial Control ◽  
Industrial Control Systems ◽  
Physical Systems ◽  
Anomalous Data ◽  
National Importance ◽  
Attack Patterns ◽  
Attack Surface ◽  
Scada Networks

Supervisory control and data acquisition (SCADA) systems are industrial control systems that are used to monitor critical infrastructures such as airports, transport, health, and public services of national importance. These are cyber physical systems, which are increasingly integrated with networks and internet of things devices. However, this results in a larger attack surface for cyber threats, making it important to identify and thwart cyber-attacks by detecting anomalous network traffic patterns. Compared to other techniques, as well as detecting known attack patterns, machine learning can also detect new and evolving threats. Autoencoders are a type of neural network that generates a compressed representation of its input data and through reconstruction loss of inputs can help identify anomalous data. This paper proposes the use of autoencoders for unsupervised anomaly-based intrusion detection using an appropriate differentiating threshold from the loss distribution and demonstrate improvements in results compared to other techniques for SCADA gas pipeline dataset.

scholarly journals Detection of cyber-attacks in systems with distributed control based on support vector regression

2020 ◽  
Vol 12 (2) ◽  
pp. 104-109
Author(s):  
Dušan Nedeljković ◽  
Živana Jakovljević ◽  
Zoran Miljković ◽  
Miroslav Pajić
Keyword(s):  
Support Vector Regression ◽  
Cyber Attacks ◽  
Support Vector ◽  
Industrial Control ◽  
Industrial Control Systems ◽  
Industrial Plants ◽  
Physical Systems ◽  
Industrial Iot ◽  
Sensor Signals ◽  
Opening Up

Concept of Industry 4.0 and implementation of Cyber Physical Systems (CPS) and Internet of Things (IoT) in industrial plants are changing the way we manufacture. Introduction of industrial IoT leads to ubiquitous communication (usually wireless) between devices in industrial control systems, thus introducing numerous security concerns and opening up wide space for potential malicious threats and attacks. As a consequence of various cyber-attacks, fatal failures can occur on system parts or the system as a whole. Therefore, security mechanisms must be developed to provide sufficient resilience to cyber-attacks and keep the system safe and protected. In this paper we present a method for detection of attacks on sensor signals, based on e insensitive support vector regression (e-SVR). The method is implemented on publicly available data obtained from Secure Water Treatment (SWaT) testbed as well as on a real-world continuous time controlled electro-pneumatic positioning system. In both cases, the method successfully detected all considered attacks (without false positives).

Building a Cybersecurity Culture in the Industrial Control System Environment

2019 ◽  
Vol 8 (1) ◽  
pp. 39-44
Author(s):  
Claudia ARAUJO MACEDO ◽  
Jos MENTING
Keyword(s):  
Control System ◽  
Control Systems ◽  
Cyber Attacks ◽  
Cyber Attack ◽  
Industrial Control System ◽  
Security Measures ◽  
Industrial Control ◽  
Industrial Control Systems ◽  
System A ◽  
Educational Processes

Cybersecurity in industrial control system environments has become a significant concern and is even more relevant in the context of critical infrastructures where control system disruption could have a profound impact on health, safety and the environment. This makes this type of system a major target for malicious activities. Notwithstanding an organization’s interest in protecting its industrial control systems against cyber-attacks, the implementation of security measures, whether technical, organizational or human, still faces resistance and is often seen as a constraint. Using the best technology to protect industrial control systems makes no sense if persons with access do not act attentively and protectively. Technical and human cybersecurity measures are intrinsically linked, and it is essential that all persons with access to these systems are fully aware of the inherent cyber risks. Organizations must also act so that staff receive appropriate training on how to keep systems continuously protected against cyber-attack when carrying out their daily tasks. These educational processes can contribute to building an effective cybersecurity culture fully reflective of management and staff attitudes, so that the availability, integrity and confidentiality of information in industrial control systems can be assured.

scholarly journals A review: towards practical attack taxonomy for industrial control systems

2018 ◽  
Vol 7 (2.14) ◽  
pp. 145 ◽  
Author(s):  
Qais Saif Qassim ◽  
Norziana Jamil ◽  
Razali Jidin ◽  
Mohd Ezanee Rusli ◽  
Md Nabil Ahmad Zawawi ◽  
...  
Keyword(s):  
Control Systems ◽  
Supervisory Control ◽  
Cyber Attacks ◽  
Critical Infrastructures ◽  
Cyber Attack ◽  
Industrial Control ◽  
Industrial Control Systems ◽  
Scada System ◽  
Water Transportation ◽  
Different Types

Supervisory Control and Data Acquisition (SCADA) system is the underlying control system of most national critical infrastructures such as power, energy, water, transportation and telecommunication. In order to understand the potential threats to these infrastructures and the mechanisms to protect them, different types of cyber-attacks applicable to these infrastructures need to be identified. Therefore, there is a significant need to have a comprehensive understanding of various types of cyber-attacks and its classification associated with both Opera-tion Technology (OT) and Information Technology (IT). This paper presents a comprehensive review of existing cyber-attack taxonomies available in the literature and evaluates these taxonomies based on defined criteria.  

Cybersecurity Leadership: Competencies, Governance, and Technologies for Industrial Control Systems

2017 ◽  
Vol 17 (01) ◽  
pp. 1740001 ◽  
Author(s):  
JEAN-PIERRE AUFFRET ◽  
JANE L. SNOWDON ◽  
ANGELOS STAVROU ◽  
JEFFREY S. KATZ ◽  
DIANA KELLEY ◽  
...  
Keyword(s):  
Smart Grid ◽  
Control Systems ◽  
Leadership Competencies ◽  
Cyber Attacks ◽  
Industrial Control ◽  
Public And Private ◽  
Industrial Control Systems ◽  
Grid Systems ◽  
Private Organizations ◽  
Emerging Risk

The extensive integration of interconnected devices and the inadvertent information obtained from untrusted sources has exposed the Industrial Control Systems (ICS) ecosystem to remote attacks by the exploitation of new and old vulnerabilities. Unfortunately, although recognized as an emerging risk based on the recent rise of cyber attacks, cybersecurity for ICS has not been addressed adequately both in terms of technology but, most importantly, in terms of organizational leadership and policy. In this paper, we will present our findings regarding the cybersecurity challenges for Smart Grid and ICS and the need for changes in the way that organizations perceive cybersecurity risk and leverage resources to balance the needs for information security and operational security. Moreover, we present empirical data that point to cybersecurity governance and technology principles that can help public and private organizations to navigate successfully the technical cybersecurity challenges for ICS and Smart Grid systems. We believe that by identifying and mitigating the inherent risks in their systems, operations, and processes, enterprises will be in a better position to shield themselves and protect against current and future cyber threats.

scholarly journals Digital Forensic Analysis of Industrial Control Systems Using Sandboxing: A Case of WAMPAC Applications in the Power Systems

Energies ◽  
2019 ◽  
Vol 12 (13) ◽  
pp. 2598
Author(s):  
Asif Iqbal ◽  
Farhan Mahmood ◽  
Mathias Ekstedt
Keyword(s):  
Power Systems ◽  
Control Systems ◽  
Forensic Analysis ◽  
Cyber Attacks ◽  
Power Grids ◽  
Cyber Attack ◽  
Industrial Control ◽  
Industrial Control Systems ◽  
Daubert Standard ◽  
And Control

In today’s connected world, there is a tendency of connectivity even in the sectors which conventionally have been not so connected in the past, such as power systems substations. Substations have seen considerable digitalization of the grid hence, providing much more available insights than before. This has all been possible due to connectivity, digitalization and automation of the power grids. Interestingly, this also means that anybody can access such critical infrastructures from a remote location and gone are the days of physical barriers. The power of connectivity and control makes it a much more challenging task to protect critical industrial control systems. This capability comes at a price, in this case, increasing the risk of potential cyber threats to substations. With all such potential risks, it is important that they can be traced back and attributed to any potential threats to their roots. It is extremely important for a forensic investigation to get credible evidence of any cyber-attack as required by the Daubert standard. Hence, to be able to identify and capture digital artifacts as a result of different attacks, in this paper, the authors have implemented and improvised a forensic testbed by implementing a sandboxing technique in the context of real time-hardware-in-the-loop setup. Newer experiments have been added by emulating the cyber-attacks on WAMPAC applications, and collecting and analyzing captured artifacts. Further, using sandboxing for the first time in such a setup has proven helpful.

Sign in / Sign up

Export Citation Format

Share Document