Detection of Malicious SCADA Communications via Multi-Subspace Feature Selection

Security maintenance of Supervisory Control and Data Acquisition (SCADA) systems has been a point of interest during recent years. Numerous research works have been dedicated to the design of intrusion detection systems for securing SCADA communications. Nevertheless, these data-driven techniques ar...

Full description

Saved in:
Bibliographic Details
Main Authors: Hallaji, Ehsan, Razavi-Far, Roozbeh, Saif, Mehrdad
Format: Conference Proceeding
Language:English
Subjects:
cyberphysical systems
Data models
ensemble learning
Feature extraction
Feature selection
Intrusion detection
Mutual information
Pipelines
Redundancy
SCADA
SCADA systems
supervised learning
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
cited_by
cites
container_end_page 8
container_issue
container_start_page 1
container_title
container_volume
creator Hallaji, Ehsan
Razavi-Far, Roozbeh
Saif, Mehrdad
description Security maintenance of Supervisory Control and Data Acquisition (SCADA) systems has been a point of interest during recent years. Numerous research works have been dedicated to the design of intrusion detection systems for securing SCADA communications. Nevertheless, these data-driven techniques are usually dependant on the quality of the monitored data. In this work, we propose a novel feature selection approach, called MSFS, to tackle undesirable quality of data caused by feature redundancy. In contrast to most feature selection techniques, the proposed method models each class in a different subspace, where it is optimally discriminated. This has been accomplished by resorting to ensemble learning, which enables the usage of multiple feature sets in the same feature space. The proposed method is then utilized to perform intrusion detection in smaller subspaces, which brings about efficiency and accuracy. Moreover, a comparative study is performed on a number of advanced feature selection algorithms. Furthermore, a dataset obtained from the SCADA system of a gas pipeline is employed to enable a realistic simulation. The results indicate the proposed approach extensively improves the detection performance in terms of classification accuracy and standard deviation.
doi_str_mv 10.1109/IJCNN48605.2020.9207066
format conference_proceeding
fullrecord <record><control><sourceid>ieee_CHZPO</sourceid><recordid>TN_cdi_ieee_primary_9207066</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>9207066</ieee_id><sourcerecordid>9207066</sourcerecordid><originalsourceid>FETCH-LOGICAL-i203t-e69009e7fe4556052790fed418ae1489caac1152b67a811b6d92b64bae74f54e3</originalsourceid><addsrcrecordid>eNotj8FKw0AURUdBsK1-gQvnBxLfm0xmMsuQWq20VYiuy0v6AiNJUzqJ4N9baVf3LC6He4V4RIgRwT0t34rNRmcG0liBgtgpsGDMlZiiVRkap4y9FhOFBiOtwd6KaQjfACpxLpmIjzkPXA--38u-kWtqfe37MciyyOe5LPquG_e-pv9CkD-e5HpsBx-VYxUOVLNcMA3jkWXJ7VlzJ24aagPfX3ImvhbPn8VrtHp_WRb5KvIKkiFi4wAc24Z1mp7GK-ug4Z3GjBh15mqiGjFVlbGUIVZm506sK2Krm1RzMhMPZ69n5u3h6Ds6_m4v75M_v0RPXw</addsrcrecordid><sourcetype>Publisher</sourcetype><iscdi>true</iscdi><recordtype>conference_proceeding</recordtype></control><display><type>conference_proceeding</type><title>Detection of Malicious SCADA Communications via Multi-Subspace Feature Selection</title><source>IEEE Xplore All Conference Series</source><creator>Hallaji, Ehsan ; Razavi-Far, Roozbeh ; Saif, Mehrdad</creator><creatorcontrib>Hallaji, Ehsan ; Razavi-Far, Roozbeh ; Saif, Mehrdad</creatorcontrib><description>Security maintenance of Supervisory Control and Data Acquisition (SCADA) systems has been a point of interest during recent years. Numerous research works have been dedicated to the design of intrusion detection systems for securing SCADA communications. Nevertheless, these data-driven techniques are usually dependant on the quality of the monitored data. In this work, we propose a novel feature selection approach, called MSFS, to tackle undesirable quality of data caused by feature redundancy. In contrast to most feature selection techniques, the proposed method models each class in a different subspace, where it is optimally discriminated. This has been accomplished by resorting to ensemble learning, which enables the usage of multiple feature sets in the same feature space. The proposed method is then utilized to perform intrusion detection in smaller subspaces, which brings about efficiency and accuracy. Moreover, a comparative study is performed on a number of advanced feature selection algorithms. Furthermore, a dataset obtained from the SCADA system of a gas pipeline is employed to enable a realistic simulation. The results indicate the proposed approach extensively improves the detection performance in terms of classification accuracy and standard deviation.</description><identifier>EISSN: 2161-4407</identifier><identifier>EISBN: 1728169267</identifier><identifier>EISBN: 9781728169262</identifier><identifier>DOI: 10.1109/IJCNN48605.2020.9207066</identifier><language>eng</language><publisher>IEEE</publisher><subject>cyberphysical systems ; Data models ; ensemble learning ; Feature extraction ; Feature selection ; Intrusion detection ; Mutual information ; Pipelines ; Redundancy ; SCADA ; SCADA systems ; supervised learning</subject><ispartof>2020 International Joint Conference on Neural Networks (IJCNN), 2020, p.1-8</ispartof><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/9207066$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>309,310,776,780,785,786,23910,23911,25119,27904,54534,54911</link.rule.ids><linktorsrc>$$Uhttps://ieeexplore.ieee.org/document/9207066$$EView_record_in_IEEE$$FView_record_in_$$GIEEE</linktorsrc></links><search><creatorcontrib>Hallaji, Ehsan</creatorcontrib><creatorcontrib>Razavi-Far, Roozbeh</creatorcontrib><creatorcontrib>Saif, Mehrdad</creatorcontrib><title>Detection of Malicious SCADA Communications via Multi-Subspace Feature Selection</title><title>2020 International Joint Conference on Neural Networks (IJCNN)</title><addtitle>IJCNN</addtitle><description>Security maintenance of Supervisory Control and Data Acquisition (SCADA) systems has been a point of interest during recent years. Numerous research works have been dedicated to the design of intrusion detection systems for securing SCADA communications. Nevertheless, these data-driven techniques are usually dependant on the quality of the monitored data. In this work, we propose a novel feature selection approach, called MSFS, to tackle undesirable quality of data caused by feature redundancy. In contrast to most feature selection techniques, the proposed method models each class in a different subspace, where it is optimally discriminated. This has been accomplished by resorting to ensemble learning, which enables the usage of multiple feature sets in the same feature space. The proposed method is then utilized to perform intrusion detection in smaller subspaces, which brings about efficiency and accuracy. Moreover, a comparative study is performed on a number of advanced feature selection algorithms. Furthermore, a dataset obtained from the SCADA system of a gas pipeline is employed to enable a realistic simulation. The results indicate the proposed approach extensively improves the detection performance in terms of classification accuracy and standard deviation.</description><subject>cyberphysical systems</subject><subject>Data models</subject><subject>ensemble learning</subject><subject>Feature extraction</subject><subject>Feature selection</subject><subject>Intrusion detection</subject><subject>Mutual information</subject><subject>Pipelines</subject><subject>Redundancy</subject><subject>SCADA</subject><subject>SCADA systems</subject><subject>supervised learning</subject><issn>2161-4407</issn><isbn>1728169267</isbn><isbn>9781728169262</isbn><fulltext>true</fulltext><rsrctype>conference_proceeding</rsrctype><creationdate>2020</creationdate><recordtype>conference_proceeding</recordtype><sourceid>6IE</sourceid><recordid>eNotj8FKw0AURUdBsK1-gQvnBxLfm0xmMsuQWq20VYiuy0v6AiNJUzqJ4N9baVf3LC6He4V4RIgRwT0t34rNRmcG0liBgtgpsGDMlZiiVRkap4y9FhOFBiOtwd6KaQjfACpxLpmIjzkPXA--38u-kWtqfe37MciyyOe5LPquG_e-pv9CkD-e5HpsBx-VYxUOVLNcMA3jkWXJ7VlzJ24aagPfX3ImvhbPn8VrtHp_WRb5KvIKkiFi4wAc24Z1mp7GK-ug4Z3GjBh15mqiGjFVlbGUIVZm506sK2Krm1RzMhMPZ69n5u3h6Ds6_m4v75M_v0RPXw</recordid><startdate>202007</startdate><enddate>202007</enddate><creator>Hallaji, Ehsan</creator><creator>Razavi-Far, Roozbeh</creator><creator>Saif, Mehrdad</creator><general>IEEE</general><scope>6IE</scope><scope>6IH</scope><scope>CBEJK</scope><scope>RIE</scope><scope>RIO</scope></search><sort><creationdate>202007</creationdate><title>Detection of Malicious SCADA Communications via Multi-Subspace Feature Selection</title><author>Hallaji, Ehsan ; Razavi-Far, Roozbeh ; Saif, Mehrdad</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-i203t-e69009e7fe4556052790fed418ae1489caac1152b67a811b6d92b64bae74f54e3</frbrgroupid><rsrctype>conference_proceedings</rsrctype><prefilter>conference_proceedings</prefilter><language>eng</language><creationdate>2020</creationdate><topic>cyberphysical systems</topic><topic>Data models</topic><topic>ensemble learning</topic><topic>Feature extraction</topic><topic>Feature selection</topic><topic>Intrusion detection</topic><topic>Mutual information</topic><topic>Pipelines</topic><topic>Redundancy</topic><topic>SCADA</topic><topic>SCADA systems</topic><topic>supervised learning</topic><toplevel>online_resources</toplevel><creatorcontrib>Hallaji, Ehsan</creatorcontrib><creatorcontrib>Razavi-Far, Roozbeh</creatorcontrib><creatorcontrib>Saif, Mehrdad</creatorcontrib><collection>IEEE Electronic Library (IEL) Conference Proceedings</collection><collection>IEEE Proceedings Order Plan (POP) 1998-present by volume</collection><collection>IEEE Xplore All Conference Proceedings</collection><collection>IEEE Xplore</collection><collection>IEEE Proceedings Order Plans (POP) 1998-present</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Hallaji, Ehsan</au><au>Razavi-Far, Roozbeh</au><au>Saif, Mehrdad</au><format>book</format><genre>proceeding</genre><ristype>CONF</ristype><atitle>Detection of Malicious SCADA Communications via Multi-Subspace Feature Selection</atitle><btitle>2020 International Joint Conference on Neural Networks (IJCNN)</btitle><stitle>IJCNN</stitle><date>2020-07</date><risdate>2020</risdate><spage>1</spage><epage>8</epage><pages>1-8</pages><eissn>2161-4407</eissn><eisbn>1728169267</eisbn><eisbn>9781728169262</eisbn><abstract>Security maintenance of Supervisory Control and Data Acquisition (SCADA) systems has been a point of interest during recent years. Numerous research works have been dedicated to the design of intrusion detection systems for securing SCADA communications. Nevertheless, these data-driven techniques are usually dependant on the quality of the monitored data. In this work, we propose a novel feature selection approach, called MSFS, to tackle undesirable quality of data caused by feature redundancy. In contrast to most feature selection techniques, the proposed method models each class in a different subspace, where it is optimally discriminated. This has been accomplished by resorting to ensemble learning, which enables the usage of multiple feature sets in the same feature space. The proposed method is then utilized to perform intrusion detection in smaller subspaces, which brings about efficiency and accuracy. Moreover, a comparative study is performed on a number of advanced feature selection algorithms. Furthermore, a dataset obtained from the SCADA system of a gas pipeline is employed to enable a realistic simulation. The results indicate the proposed approach extensively improves the detection performance in terms of classification accuracy and standard deviation.</abstract><pub>IEEE</pub><doi>10.1109/IJCNN48605.2020.9207066</doi><tpages>8</tpages></addata></record>
fulltext fulltext_linktorsrc
identifier EISSN: 2161-4407
ispartof 2020 International Joint Conference on Neural Networks (IJCNN), 2020, p.1-8
issn 2161-4407
language eng
recordid cdi_ieee_primary_9207066
source IEEE Xplore All Conference Series
subjects cyberphysical systems
Data models
ensemble learning
Feature extraction
Feature selection
Intrusion detection
Mutual information
Pipelines
Redundancy
SCADA
SCADA systems
supervised learning
title Detection of Malicious SCADA Communications via Multi-Subspace Feature Selection
url http://sfxeu10.hosted.exlibrisgroup.com/loughborough?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-23T00%3A38%3A41IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-ieee_CHZPO&rft_val_fmt=info:ofi/fmt:kev:mtx:book&rft.genre=proceeding&rft.atitle=Detection%20of%20Malicious%20SCADA%20Communications%20via%20Multi-Subspace%20Feature%20Selection&rft.btitle=2020%20International%20Joint%20Conference%20on%20Neural%20Networks%20(IJCNN)&rft.au=Hallaji,%20Ehsan&rft.date=2020-07&rft.spage=1&rft.epage=8&rft.pages=1-8&rft.eissn=2161-4407&rft_id=info:doi/10.1109/IJCNN48605.2020.9207066&rft.eisbn=1728169267&rft.eisbn_list=9781728169262&rft_dat=%3Cieee_CHZPO%3E9207066%3C/ieee_CHZPO%3E%3Cgrp_id%3Ecdi_FETCH-LOGICAL-i203t-e69009e7fe4556052790fed418ae1489caac1152b67a811b6d92b64bae74f54e3%3C/grp_id%3E%3Coa%3E%3C/oa%3E%3Curl%3E%3C/url%3E&rft_id=info:oai/&rft_id=info:pmid/&rft_ieee_id=9207066&rfr_iscdi=true