Intrusion Detection in SCADA System: A Survey

Zeng, Pengyu; Zhou, Peng

doi:10.1007/978-981-13-2384-3_32

Cited by 11 publications

(7 citation statements)

References 30 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…These vulnerabilities are classified in [11] into five categories: policies and procedures, architecture and design, configuration and maintenance, physical and software development, and communication and networking. Four other categories were presented in [12]; security policy, communication protocols, architectural and hardware, and software vulnerabilities. The authors in [11] also discussed five factors that might affect the vulnerabilities of traditional SCADA systems, which are: human errors, lack of resources for physical devices, proprietary protocols, unsecure legacy systems, and accidents caused by negligence and equipment failure.…”

Section: ) General Attacks Classificationsmentioning

confidence: 99%

“…One of the main threats of IIoT, defined by Ulltveit-Moe et al [26], is an insider threat that can be performed by employees or IIoT vendors who have authorization to access or control sensors in the networks. Finally, the absence of efficient user authentication and authorization [18], privilege escalation, social engineering, and deficient control access [22] are also considered major security threats and risks for cloud-based SCADA systems [12].…”

Section: ) Insider Attacksmentioning

confidence: 99%

See 1 more Smart Citation

Analysis of Security Challenges in Cloud-Based SCADA Systems: A Survey

Wali¹

2022

Preprint

View full text Add to dashboard Cite

<p>Supervisory control and data acquisition (SCADA) systems allow industrial organizations to control and monitor real-time data and industrial processes. Moving SCADA systems to the cloud environments can improve the performance of traditional SCADA systems by enhancing features such as storage capacity, reliability and availability, security measures, as well as reducing technical and industrial costs. However, cloud cyberattacks are rapidly increasing, posing a major challenge to such type of systems. In addition, these cyberattacks still remains scattered across many research, and much of published research on cloud-based SCADA systems has been focused on narrow sets of attacks. Thus, this research provides a survey and an analysis of the most common cybersecurity attacks and challenges that cloud-based SCADA systems might experience. It also conducts a security risk assessment of the analyzed attacks. Finally, it proposes the existing suitable detection and prevention techniques to mitigate the impact of cyberattacks on such critical control systems.</p>

show abstract

Section: ) General Attacks Classificationsmentioning

confidence: 99%

Section: ) Insider Attacksmentioning

confidence: 99%

Analysis of Security Challenges in Cloud-Based SCADA Systems: A Survey

Wali¹

2022

Preprint

View full text Add to dashboard Cite

show abstract

“…However, their focus is on the general concept of cyber-physical systems and not specific on ICSs. Zeng and Zhou [90] have studied the available approaches for intrusion detection systems (IDSs) deployed in ICSs. A taxonomy of the relevant vulnerabilities in these systems is also brought up.…”

Section: Available Surveysmentioning

confidence: 99%

Cybersecurity for industrial control systems: A survey

Bhamare

Zolanvari

Erbad

et al. 2020

Computers & Security

155

View full text Add to dashboard Cite

Industrial Control System (ICS) is a general term that includes supervisory control & data acquisition (SCADA) systems, distributed control systems (DCS), and other control system configurations such as programmable logic controllers (PLC). ICSs are often found in the industrial sectors and critical infrastructures, such as nuclear and thermal plants, water treatment facilities, power generation, heavy industries, and distribution systems. Though ICSs were kept isolated from the Internet for so long, significant achievable business benefits are driving a convergence between ICSs and the Internet as well as information technology (IT) environments, such as cloud computing. As a result, ICSs have been exposed to the attack vectors used in the majority of cyber-attacks. However, ICS devices are inherently much less secure against such advanced attack scenarios. A compromise to ICS can lead to enormous physical damage and danger to human lives. In this work, we have a close look at the shift of the ICS from stand-alone systems to cloud-based environments. Then we discuss the major works, from industry and academia towards the development of the secure ICSs, especially applicability of the machine learning techniques for the ICS cyber-security. The work may help to address the challenges of securing industrial processes, particularly while migrating them to the cloud environments.

show abstract

“…Much research has been done in recent years on developing intrusion detection mechanisms for SCADA systems. For instance, see some relevant survey papers [40][41][42][43][44].…”

Section: Related Workmentioning

confidence: 99%

A stacked deep learning approach to cyber-attacks detection in industrial systems: application to power system and gas pipeline systems

Harrou

Bouyeddou

et al. 2021

Cluster Comput

View full text Add to dashboard Cite

Presently, Supervisory Control and Data Acquisition (SCADA) systems are broadly adopted in remote monitoring large-scale production systems and modern power grids. However, SCADA systems are continuously exposed to various heterogeneous cyberattacks, making the detection task using the conventional intrusion detection systems (IDSs) very challenging. Furthermore, conventional security solutions, such as firewalls, and antivirus software, are not appropriate for fully protecting SCADA systems because they have distinct specifications. Thus, accurately detecting cyber-attacks in critical SCADA systems is undoubtedly indispensable to enhance their resilience, ensure safe operations, and avoid costly maintenance. The overarching goal of this paper is to detect malicious intrusions that already detoured traditional IDS and firewalls. In this paper, a stacked deep learning method is introduced to identify malicious attacks targeting SCADA systems. Specifically, we investigate the feasibility of a deep learning approach for intrusion detection in SCADA systems. Real data sets from two laboratory-scale SCADA systems, a two-line three-bus power transmission system and a gas pipeline are used to evaluate the proposed method’s performance. The results of this investigation show the satisfying detection performance of the proposed stacked deep learning approach. This study also showed that the proposed approach outperformed the standalone deep learning models and the state-of-the-art algorithms, including Nearest neighbor, Random forests, Naive Bayes, Adaboost, Support Vector Machine, and oneR. Besides detecting the malicious attacks, we also investigate the feature importance of the cyber-attacks detection process using the Random Forest procedure, which helps design more parsimonious models.

show abstract

Intrusion Detection in SCADA System: A Survey

Cited by 11 publications

References 30 publications

Analysis of Security Challenges in Cloud-Based SCADA Systems: A Survey

Analysis of Security Challenges in Cloud-Based SCADA Systems: A Survey

Cybersecurity for industrial control systems: A survey

A stacked deep learning approach to cyber-attacks detection in industrial systems: application to power system and gas pipeline systems

Contact Info

Product

Resources

About