Examines the design and use of Intrusion Detection Systems (IDS) to secure Supervisory Control and Data Acquisition (SCADA) systems
Cyber-attacks on SCADA systems–the control system architecture that uses computers, networked data communications, and graphical user interfaces for high-level process supervisory management–can lead to costly financial consequences or even result in loss of life. Minimizing potential risks and responding to malicious actions requires innovative approaches for monitoring SCADA systems and protecting them from targeted attacks. SCADA Security: Machine Learning Concepts for Intrusion Detection and Prevention is designed to help security and networking professionals develop and deploy accurate and effective Intrusion Detection Systems (IDS) for SCADA systems that leverage autonomous machine learning.
Providing expert insights, practical advice, and up-to-date coverage of developments in SCADA security, this authoritative guide presents a new approach for efficient unsupervised IDS driven by SCADA-specific data. Organized into eight in-depth chapters, the text first discusses how traditional IT attacks can also be possible against SCADA, and describes essential SCADA concepts, systems, architectures, and main components. Following chapters introduce various SCADA security frameworks and approaches, including evaluating security with virtualization-based SCADAVT, using SDAD to extract proximity-based detection, finding a global and efficient anomaly threshold with GATUD, and more. This important book:
* Provides diverse perspectives on establishing an efficient IDS approach that can be implemented in SCADA systems
* Describes the relationship between main components and three generations of SCADA systems
* Explains the classification of a SCADA IDS based on its architecture and implementation
* Surveys the current literature in the field and suggests possible directions for future research
SCADA Security: Machine Learning Concepts for Intrusion Detection and Prevention is a must-read for all SCADA security and networking researchers, engineers, system architects, developers, managers, lecturers, and other SCADA security industry practitioners.
Tabella dei contenuti
Foreword ix
Preface xi
Acronyms xv
1. Introduction 1
2. Background 15
3. SCADA-Based Security Testbed 25
4. Efficient k-Nearest Neighbour Approach Based on Various-Widths Clustering 63
5. SCADA Data-Driven Anomaly Detection 87
6. A Global Anomaly Threshold to Unsupervised Detection 119
7. Threshold Password-Authenticated Secret Sharing Protocols 151
8. Conclusion 179
References 185
Index 195
Circa l’autore
ABDULMOHSEN ALMALAWI, PHD, is Assistant Professor, Department of Computer Science, University of King Abdulaziz, Saudi Arabia. His research is focused on machine learning. He is co-author of Network Classification for Traffic Management.
ZAHIR TARI, PHD, is Professor at RMIT University, Australia. He is on the editorial board of several journals, including ACM Computing Surveys, IEEE Transactions on Computers, IEEE Transactions on Parallel and Distributed Systems, and IEEE Cloud Computing.
ADIL FAHAD, PHD, is Assistant Professor, Department of Computer Science, University of Albaha, Saudi Arabia. His research interests are in the areas of wireless sensor networks, mobile networks, SCADA security, and ad-hoc networks with emphasis on data mining, statistical analysis/modelling, and machine learning.
XUN YI, PHD, is Professor, School of Computer Science and Information Technology, RMIT University, Australia. He has published more than 150 research papers in international journals and has led several Australia Research Council (ARC) Discovery projects. He is Associate Editor of IEEE Transactions on Dependable and Secure Computing.