Improving SIEM for Critical SCADA Water Infrastructures Using Machine Learning
Ouvrage scientifique
Auteur
Résumé
Network Control Systems (NAC) have been used in many industrial processes. They aim to reduce the human factor burden and efficiently handle the complex process and communication of those systems. Supervisory control and data acquisition (SCADA) systems are used in industrial, infrastructure and facility processes (e.g. manufacturing, fabrication, oil and water pipelines, building ventilation, etc.) Like other Internet of Things (IoT) implementations, SCADA systems are vulnerable to cyber-attacks, therefore, a robust anomaly detection is a major requirement. However, having an accurate anomaly detection system is not an easy task, due to the difficulty to differentiate between cyber-attacks and system internal failures (e.g. hardware failures). In this paper, we present a model that detects anomaly events in a water system controlled by SCADA. Six Machine Learning techniques have been used in building and evaluating the model. The model classifies different anomaly events including hardware failures (e.g. sensor failures), sabotage and cyber-attacks (e.g. DoS and Spoofing). Unlike other detection systems, our proposed work helps in accelerating the mitigation process by notifying the operator with additional information when an anomaly occurs. This additional information includes the probability and confidence level of event(s) occurring. The model is trained and tested using a real-world dataset.
Fichier(s) constituant cette publication
- Nom:
- IRENAV_SPRINGER_2019_BROSSET.pdf
- Taille:
- 1.940Mo
- Format:
- Description:
- IRENAV_SPRINGER_2019_BROSSET
Cette publication figure dans le(s) laboratoire(s) suivant(s)
Documents liés
Visualiser des documents liés par titre, auteur, créateur et sujet.
-
Communication avec acteComputer networks are ubiquitous and growing exponentially, with a predicted 50 billion devices connected by 2050. This tremendous growth dramatically increases the attack surface of both private and public networks. These ...
-
Article dans une revue avec comité de lectureLEIBOVICI, Didier G.; LE GUYADER, Damien; CLARAMUNT, Christophe; BROSSET, David (Taylor & Francis, 2014)When it comes to characterize the distribution of ‘things’ observed spatially and identified by their geometries and attributes, the Shannon entropy has been widely used in different domains such as ecology, regional ...
-
Article dans une revue avec comité de lectureWAKAMIYA, Shoko; BELOUAER, Lamia; KAWAI, Yukiko; SUMIYA, Kazutoshi; CLARAMUNT, Christophe; BROSSET, David (2015)The research introduced in this paper develops a semantic model whose objective is to analyze the geographical and emotion-based distribution of tweets at a large country scale. The approach extracts and categorizes tweets ...
-
A flexible decision-aid system for sites selection and technology options for a marine energy system Communication avec acteThe aim of the paper is to introduce a flexible system whose objective is to help industrials and decision-makers to efficiently install a marine energy farm in a suitable area and to facilitate expertise between stakeholders. ...
-
Article dans une revue avec comité de lectureThe objective of this paper is to devise a strategy for developing a flexible tool to efficiently install a marine energy farm in a suitable area. The current methodology is applied to marine tidal current, although it can ...