Research Output

Real-time anomaly intrusion detection for a clean water supply system, utilising machine learning with novel energy-based features

  Industrial Control Systems have become a priority domain for cybersecurity practitioners because the number of cyber-attacks against those systems has increased over the past few years. This paper proposes a real-time anomaly intrusion detector for a model of a clean water supply system. A testbed of such a system is implemented using the Festo MPA Control Process Rig. A set of attacks on the testbed is conducted during the control process operation. During the attacks, the energy of the components is monitored and recorded to build a novel dataset for training and testing a total of five traditional supervised machine learning algorithms: K-Nearest Neighbour (KNN), Support Vector Machine (SVM), Decision Tree, Naïve Bayes and Multilayer Perceptron. The trained machine learning algorithms were built and deployed online, during the control system operation, for further testing. The performance obtained from the offline and online training and testing steps is compared. The captured results show that KNN and SVM outperformed the rest of the algorithms by achieving high accuracy scores and low false-positive and false-negative alerts.

  • Date:

    20 March 2020

  • Publication Status:

    Accepted

  • Funders:

    Edinburgh Napier Funded

Citation

Robles-Durazno, A., Moradpoor, N., McWhinnie, J., & Russell, G. (in press). Real-time anomaly intrusion detection for a clean water supply system, utilising machine learning with novel energy-based features

Keywords

Industrial Control System, Energy Monitoring, SCADA, KNN, SVM, Anomaly Detection, IDS
