OCSVM-Based Novelty Detector on PLC as a Cyber Attack and Fault Application in SCADA System


Andrés Sánchez Prisco, John Anderson Gómez-Múnera, Alejandro Giraldo-Quintero, John Freddy Duitama, Elena Romero, José David Ruiz-Ariza, Javier Jiménez-Cabas


The central goal of an Intrusion Detection System (IDS) is to find possible attacks or abnormal behaviors within a network or system. Industrial Control Systems, or SCADA systems, are increasingly robust and sophisticated, allowing variables in PLC controllers to be observed and manipulated remotely. Moreover, in recent years information exchange and monitoring have been integrated over the internet using IoT, creating the possibility of cyber-attacks that can put the system, and even a country’s national security, at risk. Because network-behavior-based intrusion detection cannot expose potential intrusions into the system, it is proposed to create an inferential model through supervised machine learning to look for abnormal behaviors within the industrial network. The IDS model is built with the One-Class Support Vector Machine (OCSVM) technique for a SCADA system that classifies boxes. Its effect is examined using the confusion matrix.
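The approach the abstract describes, as an added example that is not the authors' code: a One-Class SVM is fitted on normal process data only, and its predictions on held-out normal and abnormal cycles are summarized in a confusion matrix. The feature names, the telemetry values, the `nu` and `gamma` settings and the use of scikit-learn are all assumptions; the data is constructed.

```python
import numpy as np
from sklearn.metrics import confusion_matrix
from sklearn.pipeline import make_pipeline
from sklearn.preprocessing import StandardScaler
from sklearn.svm import OneClassSVM

rng = np.random.default_rng(7)  # fixed seed so the constructed data is repeatable

def cycles(n, speed, transit, actuations):
    """Constructed PLC telemetry rows: [belt speed m/s, box transit s, sorter actuations/min]."""
    return np.column_stack([rng.normal(speed, 0.02, n),
                            rng.normal(transit, 0.15, n),
                            rng.normal(actuations, 0.8, n)])

def normal_cycles(n):
    return cycles(n, 0.50, 4.0, 12.0)

def abnormal_cycles(n):
    """Constructed abnormal rows: a stalled belt (fault) and an overridden setpoint (attack-like)."""
    stalled = cycles(n // 2, 0.20, 9.0, 4.0)
    forced = cycles(n - n // 2, 0.90, 2.0, 25.0)
    return np.vstack([stalled, forced])

def train_detector(X_normal, nu=0.05):
    # Novelty detection: fit on normal operation only. nu is an upper bound on
    # the fraction of training rows that may fall outside the learned boundary.
    model = make_pipeline(StandardScaler(),
                          OneClassSVM(kernel="rbf", gamma="scale", nu=nu))
    return model.fit(X_normal)

def evaluate(model, X_normal, X_abnormal):
    X = np.vstack([X_normal, X_abnormal])
    y_true = np.concatenate([np.ones(len(X_normal), dtype=int),
                             -np.ones(len(X_abnormal), dtype=int)])
    y_pred = model.predict(X)  # +1 = normal, -1 = novelty
    # Rows are the true class, columns the predicted class, ordered [abnormal, normal].
    return confusion_matrix(y_true, y_pred, labels=[-1, 1])

def run():
    model = train_detector(normal_cycles(400))
    return evaluate(model, normal_cycles(100), abnormal_cycles(40))

if __name__ == "__main__":
    cm = run()
    print("            pred abnormal  pred normal")
    print(f"abnormal    {cm[0, 0]:13d}  {cm[0, 1]:11d}")
    print(f"normal      {cm[1, 0]:13d}  {cm[1, 1]:11d}")
```

The bottom-left cell (normal cycles flagged as abnormal) is the false-alarm count, and it grows as `nu` is raised.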
