Common criteria for security evaluation and malicious intrusion detection mechanism of dam supervisory control and data acquisition system

IF 1.3 Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS IET Networks Pub Date : 2024-06-06 DOI:10.1049/ntw2.12127

Kuan-Chu Lu, I. Liu, Zong‐Chao Liu, Jung-Shian Li

{"title":"Common criteria for security evaluation and malicious intrusion detection mechanism of dam supervisory control and data acquisition system","authors":"Kuan-Chu Lu, I. Liu, Zong‐Chao Liu, Jung-Shian Li","doi":"10.1049/ntw2.12127","DOIUrl":null,"url":null,"abstract":"Supervisory control and data acquisition (SCADA) systems are vital in monitoring and controlling industrial processes through the web. However, while such systems result in lower costs, greater utilisation efficiency, and improved reliability, they are vulnerable to cyberattacks, with consequences ranging from the inconvenience and minor disruption to severe physical damage and even loss of life. The authors evaluate the security of the Dam system in the form of Common Criteria, develop safety goals to improve this safety, and focus on threats and risks to the dam SCADA system. Finally proposes an anomaly‐based machine‐learning framework for detecting malicious network attacks in the SCADA system of a dam. Three unsupervised classification algorithms are considered: hierarchical clustering, local outlier factor, and isolation forest. It is shown that the hierarchical clustering algorithm achieves the highest precision and F‐score of the three algorithms. Overall, the results confirm the effectiveness of anomaly‐based detection algorithms in enhancing the robustness of SCADA systems toward malicious attacks. At the same time, it complies with the security objectives of Common Criteria, achieving the safety and protection of the dam.","PeriodicalId":46240,"journal":{"name":"IET Networks","volume":null,"pages":null},"PeriodicalIF":1.3000,"publicationDate":"2024-06-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IET Networks","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1049/ntw2.12127","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

Supervisory control and data acquisition (SCADA) systems are vital in monitoring and controlling industrial processes through the web. However, while such systems result in lower costs, greater utilisation efficiency, and improved reliability, they are vulnerable to cyberattacks, with consequences ranging from the inconvenience and minor disruption to severe physical damage and even loss of life. The authors evaluate the security of the Dam system in the form of Common Criteria, develop safety goals to improve this safety, and focus on threats and risks to the dam SCADA system. Finally proposes an anomaly‐based machine‐learning framework for detecting malicious network attacks in the SCADA system of a dam. Three unsupervised classification algorithms are considered: hierarchical clustering, local outlier factor, and isolation forest. It is shown that the hierarchical clustering algorithm achieves the highest precision and F‐score of the three algorithms. Overall, the results confirm the effectiveness of anomaly‐based detection algorithms in enhancing the robustness of SCADA systems toward malicious attacks. At the same time, it complies with the security objectives of Common Criteria, achieving the safety and protection of the dam.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

大坝监控与数据采集系统安全评估的通用标准和恶意入侵检测机制

监控和数据采集 (SCADA) 系统对通过网络监控工业流程至关重要。然而，这些系统在降低成本、提高利用效率和可靠性的同时，也很容易受到网络攻击，其后果轻则造成不便和轻微中断，重则造成严重的物理损坏，甚至造成人员伤亡。作者以通用标准的形式评估了大坝系统的安全性，制定了提高安全性的安全目标，并重点关注了大坝 SCADA 系统面临的威胁和风险。最后提出了一个基于异常的机器学习框架，用于检测大坝 SCADA 系统中的恶意网络攻击。考虑了三种无监督分类算法：分层聚类、局部离群因子和隔离林。结果表明，在三种算法中，分层聚类算法的精度和 F 分数最高。总体而言，结果证实了基于异常检测算法在增强 SCADA 系统对恶意攻击的鲁棒性方面的有效性。同时，它符合通用标准的安全目标，实现了对大坝的安全保护。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

IET Networks COMPUTER SCIENCE, INFORMATION SYSTEMS-

CiteScore

5.00

自引率

0.00%

发文量

审稿时长

33 weeks

期刊介绍： IET Networks covers the fundamental developments and advancing methodologies to achieve higher performance, optimized and dependable future networks. IET Networks is particularly interested in new ideas and superior solutions to the known and arising technological development bottlenecks at all levels of networking such as topologies, protocols, routing, relaying and resource-allocation for more efficient and more reliable provision of network services. Topics include, but are not limited to: Network Architecture, Design and Planning, Network Protocol, Software, Analysis, Simulation and Experiment, Network Technologies, Applications and Services, Network Security, Operation and Management.