Designing unsupervised intrusion detection for SCADA systems

Almalawi, A 2014, Designing unsupervised intrusion detection for SCADA systems, Doctor of Philosophy (PhD), Computer Science and Information Technology, RMIT University.


Document type: Thesis
Collection: Theses

Attached Files
Name Description MIMEType Size
Almalawi.pdf Thesis application/pdf;... 5.58MB
Title Designing unsupervised intrusion detection for SCADA systems
Author(s) Almalawi, A
Year 2014
Abstract Supervisory Control and Data Acquisition (SCADA) systems have been introduced to control and monitor industrial processes and our daily critical infrastructures such as electric power generation, water distribution and waste water collection systems. In recent years, Commercial-Off-The-Shelf (COTS) products such as standard hardware and software platforms have begun to be used in SCADA systems. This incorporation has allowed various products from different vendors to be integrated with each other to build a SCADA system at low cost. In addition, the integration of standard protocols (e.g. TCP/IP) into COTS products has increased their connectivity, thereby increasing productivity and profitability. However, this shift from proprietary and customized products to standard ones exposes these systems to cyber threats. An awareness of the potential threats to SCADA systems and the need to reduce risk and mitigate vulnerabilities has recently become an interesting research topic in the security area.

A number of security measures have been extensively used in traditional IT such as management, filtering, encryption and intrusion detection. However, such measures cannot be applied directly to SCADA systems without considering their different nature and characteristics. Moreover, none of these security measures can completely protect a system from the potential threats. However, the full complement of these measures can create a robust security system. An Intrusion Detection System (IDS) is one of the security measures that has demonstrated promising results in detecting malicious activities in traditional IT systems, and therefore it has been adapted in SCADA systems. This thesis aims to develop an efficient and accurate unsupervised SCADA data-driven IDS. Four research tasks are being addressed in this thesis. The first task is related to the development of a framework for a SCADA security testbed that is intended to be an evaluation and testing environment for SCADA security in general, and for our proposed IDS in particular, while the last three tasks are focused on developing a set of solutions that can, together, achieve the aim of this study.

Degree Doctor of Philosophy (PhD)
Institution RMIT University
School, Department or Centre Computer Science and Information Technology
Keyword(s) Unsupervised detection
Cyber-warfare
Supervisory control and data acquisition (SCADA) systems
Intrusion Detection System
Created: Fri, 12 Dec 2014, 14:08:17 EST by Denise Paciocco