Probability Risk Identification Based Intrusion Detection System for SCADA Systems

Probability Risk Identification Based Intrusion Detection System for SCADA Systems

. As Supervisory Control and Data Acquisition (SCADA) systems control several critical infrastructures, they have connected to the internet. Consequently, SCADA systems face different sophisticated types of cyber adversaries. This paper suggests a Probability Risk Identification based Intrusion Dete...

Full description

Saved in:
Bibliographic Details
Main Authors: Marsden, Thomas, Moustafa, Nour, Sitnikova, Elena, Creech, Gideon
Format: Journal Article
Language:English
Published: 07-11-2017
Subjects:
Computer Science - Cryptography and Security
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:. As Supervisory Control and Data Acquisition (SCADA) systems control several critical infrastructures, they have connected to the internet. Consequently, SCADA systems face different sophisticated types of cyber adversaries. This paper suggests a Probability Risk Identification based Intrusion Detection System (PRI-IDS) technique based on analysing network traffic of Modbus TCP/IP for identifying replay attacks. It is acknowledged that Modbus TCP is usually vulnerable due to its unauthenticated and unencrypted nature. Our technique is evaluated using a simulation environment by configuring a testbed, which is a cus- tom SCADA network that is cheap, accurate and scalable. The testbed is exploited when testing the IDS by sending individual packets from an attacker located on the same LAN as the Modbus master and slave. The experimental results demonstrated that the proposed technique can effectively and efficiently recognise replay attacks.
DOI:10.48550/arxiv.1711.02826