Improving SIEM for Critical SCADA Water Infrastructures Using Machine Learning

by Hanan Hindy, et al.

Network Control Systems (NAC) have been used in many industrial processes. They aim to reduce the human factor burden and efficiently handle the complex process and communication of those systems. Supervisory control and data acquisition (SCADA) systems are used in industrial, infrastructure and facility processes (e.g. manufacturing, fabrication, oil and water pipelines, building ventilation, etc.). Like other Internet of Things (IoT) implementations, SCADA systems are vulnerable to cyber-attacks; therefore, robust anomaly detection is a major requirement. However, building an accurate anomaly detection system is not an easy task, because it is difficult to differentiate between cyber-attacks and internal system failures (e.g. hardware failures). In this paper, we present a model that detects anomaly events in a water system controlled by SCADA. Six Machine Learning techniques have been used in building and evaluating the model. The model classifies different anomaly events including hardware failures (e.g. sensor failures), sabotage and cyber-attacks (e.g. DoS and Spoofing). Unlike other detection systems, our proposed work focuses on notifying the operator when an anomaly occurs, along with the probability of the event occurring. This additional information helps in accelerating the mitigation process. The model is trained and tested using a real-world dataset.

