• français
    • English
    français
  • Login
Help
View Item 
  •   Home
  • Institut de Recherche de l’École navale (IRENAV)
  • View Item
  • Home
  • Institut de Recherche de l’École navale (IRENAV)
  • View Item
JavaScript is disabled for your browser. Some features of this site may not work without it.

Improving SIEM for Critical SCADA Water Infrastructures Using Machine Learning

Ouvrage scientifique
Author
HINDY, Hanan
560778 Abertay University [Dundee]
ccBROSSET, David
13094 Institut de Recherche de l'Ecole Navale [IRENAV]
BAYNE, Ethan
560778 Abertay University [Dundee]
SEEAM, Amar
560789 Middlesex University Mauritius [Middlesex University Mauritius]
BELLEKENS, Xavier
560778 Abertay University [Dundee]

URI
http://hdl.handle.net/10985/15039
DOI
10.1007/978-3-030-12786-2_1
Date
2019

Abstract

Network Control Systems (NAC) have been used in many industrial processes. They aim to reduce the human factor burden and efficiently handle the complex process and communication of those systems. Supervisory control and data acquisition (SCADA) systems are used in industrial, infrastructure and facility processes (e.g. manufacturing, fabrication, oil and water pipelines, building ventilation, etc.) Like other Internet of Things (IoT) implementations, SCADA systems are vulnerable to cyber-attacks, therefore, a robust anomaly detection is a major requirement. However, having an accurate anomaly detection system is not an easy task, due to the difficulty to differentiate between cyber-attacks and system internal failures (e.g. hardware failures). In this paper, we present a model that detects anomaly events in a water system controlled by SCADA. Six Machine Learning techniques have been used in building and evaluating the model. The model classifies different anomaly events including hardware failures (e.g. sensor failures), sabotage and cyber-attacks (e.g. DoS and Spoofing). Unlike other detection systems, our proposed work helps in accelerating the mitigation process by notifying the operator with additional information when an anomaly occurs. This additional information includes the probability and confidence level of event(s) occurring. The model is trained and tested using a real-world dataset.

Files in this item

Name:
IRENAV_SPRINGER_2019_BROSSET.pdf
Size:
1.940Mb
Format:
PDF
Description:
IRENAV_SPRINGER_2019_BROSSET
View/Open

Collections

  • Institut de Recherche de l’École navale (IRENAV)

Related items

Showing items related by title, author, creator and subject.

  • A Human-Centred model for cyber attacks analysis 
    Communication avec acte
    MERIEN, Thibaud; BELLEKENS, Xavier; ccBROSSET, David; ccCLARAMUNT, Christophe (IEEE, 2018)
    Computer networks are ubiquitous and growing exponentially, with a predicted 50 billion devices connected by 2050. This tremendous growth dramatically increases the attack surface of both private and public networks. These ...
  • Diffusion and solubility of mineral oils through ethylene-vinyl acetate copolymer 
    Article dans une revue avec comité de lecture
    BELLILI, Amar; DAVID, Nicolas; WANG, Qingxiao; GOUTILLE, Yannick; ccRICHAUD, Emmanuel (Elsevier, 2012)
    This paper reports a study of mineral oil diffusion through a filled ethylene-vinyl acetate crosslinked polymer, together with some comparisons with aliphatic linear hydrocarbons. Permeation was monitored by classical ...
  • A Geographical - Based Multi - Criteria Approach for Marine Energy Farm Planning 
    Article dans une revue avec comité de lecture
    MASLOV, Nicolas; ccBROSSET, David; ccCLARAMUNT, Christophe; CHARPENTIER, Jean-Frederic (MDPI, 2014)
    The objective of this paper is to devise a strategy for developing a flexible tool to efficiently install a marine energy farm in a suitable area. The current methodology is applied to marine tidal current, although it can ...
  • Secured Architecture for Unmanned Surface Vehicle Fleets Management and Control 
    Communication avec acte
    MERINO LASO, Pedro; ccBROSSET, David; GIRAUD, Marie-Annick (IEEE, 2018)
    Network Control Systems (NAC) have been used in many industrial processes. They aim to reduce the human factor burden and efficiently handle the complex process and communication of those systems. Supervisory control and ...
  • Local and global spatio-temporal entropy indices based on distance- ratios and co-occurrences distributions 
    Article dans une revue avec comité de lecture
    LEIBOVICI, Didier G.; ccCLARAMUNT, Christophe; LE GUYADER, Damien; ccBROSSET, David (Taylor & Francis, 2014)
    When it comes to characterize the distribution of ‘things’ observed spatially and identified by their geometries and attributes, the Shannon entropy has been widely used in different domains such as ecology, regional ...

Browse

All SAMCommunities & CollectionsAuthorsIssue DateCenter / InstitutionThis CollectionAuthorsIssue DateCenter / Institution

Newsletter

Latest newsletterPrevious newsletters

Statistics

Most Popular ItemsStatistics by CountryMost Popular Authors

ÉCOLE NATIONALE SUPERIEURE D'ARTS ET METIERS

  • Contact
  • Mentions légales

ÉCOLE NATIONALE SUPERIEURE D'ARTS ET METIERS

  • Contact
  • Mentions légales