Cyber Terror Attack Analysis for Industrial Control Systems (SCADA)

Creative Commons License

Söğüt E., Erdem O. A.

JOURNAL OF POLYTECHNIC-POLITEKNIK DERGISI, vol.23, pp.557-566, 2020 (ESCI) identifier


Supervisory Control and Data Acquisition Systems or Industrial Control Systems are the systems that control the critical infrastructures that are considered important. Attacks against critical infrastructures are considered as cyber terror attacks. Continuity of the operation of these critical infrastructures and ensuring the security of these critical infrastructures against cyber terror attacks are great importance. In this study, a data set of the gas pipeline control system, which is one of the critical infrastructures, is used. In the data set, several attacks were performed in the categories such as command injection, reconnaissance and denial of service for Modbus protocol which is one of the existing SCADA protocols. In this way, it is aimed to investigate and evaluate the behaviors of attacked and non-attacked situations. In addition, it is aimed to detect the attack. For this purpose, data mining method has been used with various algorithms on the data set. According to the analysis results, the most accurate classification rate is provided by Random Tree algorithm. By analyzing the results of this algorithm, cyber terror attack behaviors were determined and thus, an important contribution was made to the field of cyber terror attacks. In order to ensure cyber security of Supervisory Control and Data Acquisition Systems or Industrial Control Systems, such studies need to be carried out further and new data sets should be produced and put into use.