Attack Detection on Testbed for Scada Security


Creative Commons License

Söğüt E., Erdem O. A.

in: Engineering Cyber-Physical Systems and Critical Infrastructures, D. Jude Hemanth, Tuncay Yigit, Utku Kose, Ugur Guvenc, Editor, Springer Nature, Aarau, pp.415-422, 2023

  • Publication Type: Book Chapter / Chapter Research Book
  • Publication Date: 2023
  • Publisher: Springer Nature
  • City: Aarau
  • Page Numbers: pp.415-422
  • Editors: D. Jude Hemanth, Tuncay Yigit, Utku Kose, Ugur Guvenc, Editor
  • Gazi University Affiliated: Yes

Abstract

Supervisory Control and Data Acquisition Systems (SCADA) perform inspection and monitoring tasks in critical infrastructures or facilities. Attackers target SCADA systems to damage these structures or facilities. Performance loss of SCADA systems can negatively affect the entire system or stop the operation of the entire system. Therefore, it has become necessary to provide cyber security of SCADA systems against attacks. In this study, the dataset obtained from the test bed containing the SCADA system was used. Different attack examples were applied to this test bed and the attack results were examined. Accordingly, the dataset includes DDoS attack data such as Modbus Query Flooding, ICMP Flooding and TCP SYN Flooding. Classification was made using machine learning algorithms to predict the attack type. In addition to machine learning, a method for feature selection is also used in the study. According to the results obtained, the highest success rates for both stages were obtained with Decision Tree, K-Nearest Neighbors Regressor and K-Nearest Neighbors Classifier.