Combining ensemble methods and social network metrics for improving accuracy of OCSVM on intrusion detection in SCADA systems



Modern Supervisory Control and Data Acquisition (SCADA) systems used by the electric utility industry to monitor and control electric power generation, transmission and distribution are recognized today as critical components of the electric power delivery infrastructure. SCADA systems are large, complex and incorporate increasing numbers of widely distributed
The presence of a real time intrusion detection mechanism, which can cope with dierent types of attacks, is of great importance, in order to defend a system against cyber attacks This defense mechanism must be distributed, cheap and above all accurate, since false positive alarms, or mistakes regarding the origin of the intrusion mean severe costs for the system.
Recently an integrated detection mechanism, namely IT-OCSVM was proposed, which is distributed in a SCADA network as a part of a distributed intrusion detection system (DIDS), providing accurate data about the origin and the time of an intrusion. In this paper we also analyze the architecture of the integrated detection mechanism and we perform extensive simulations based on real cyber attacks in a small SCADA testbed in order to evaluate the performance of the proposed mechanism.


OCSVM, Intrusion detection, SCADA systems; Social analysis


Elsevier Journal of Information Security and Applications, Antony TS Ho, May 2016

PDF File


Cited by

Year 2019 : 2 citations

 Kensuke TAMURA, Kanta MATSUURA, Improvement of Anomaly Detection Performance Using Packet Flow Regularity in Industrial Control Networks, IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences, 2019, Volume E102.A, Issue 1, Pages 65-73, Released January 01, 2019, Online ISSN 1745-1337, Print ISSN 0916-8508,

 Aya Ayadi, Oussama Ghorbel, M.S. BenSalah, Mohamed Abid, Kernelized technique for outliers detection to monitoring water pipeline based on WSNs, Elsevier Computer Networks, Volume 150, 2019, Pages 179-189, ISSN 1389-1286,
DOI: 10.1016/j.comnet.2019.01.004

Year 2018 : 7 citations

 Yafang Yang, Bin Guo, Zhu Wang, Mingyang Li, Zhiwen Yu, Xingshe Zhou, "BehaveSense: Continuous Authentication for Security-Sensitive Mobile Apps using Behavioral Biometrics", Elsevier Ad Hoc Networks, 2018, ISSN 1570-8705, (

 F. Schuster, F. M. Kopp, A. Paul and H. König, "Attack and Fault Detection in Process Control Communication Using Unsupervised Machine Learning," 2018 IEEE 16th International Conference on Industrial Informatics (INDIN), Porto, Portugal, July 2018, pp. 433-438. doi: 10.1109/INDIN.2018.8472054

 F. Schuster, A. Paul, F. M. Kopp and H. König, "Catching Intrusions: Classifier Performances for Detecting Network-specific Anomalies in Energy Systems," 2018 International Conference on Smart Energy Systems and Technologies (SEST), Sevilla, Spain, Sep 2018, pp. 1-6. doi: 10.1109/SEST.2018.8495702

 Oyeniyi Akeem Alimi, Khmaies Ouahada, Security Assessment of the Smart Grid: A Review focusing on the NAN Architecture. In Proc. of Conference: 2018 IEEE 7th International Conference on Adaptive Science & Technology (ICAST), August 2018. DOI: 10.1109/ICASTECH.2018.8506847.

 Paramkusem, Krishna Madhuri and Aygun, Ramazan S., "Classifying Categories of SCADA Attacks in a Big Data Framework", Annals of Data Science, january 2018. doi=10.1007/s40745-018-0141-8

 Mehrdad, S., Mousavian, S., Madraki, G. et al., "Cyber-Physical Resilience of Electrical Power Systems Against Malicious Attacks: a Review", in Springer Current Sustainable Renewable Energy Reports (2018).

 Li Ting ; Hong Zhennan ; Liu Zhiyong ; Xiao Tizheng, Intrusion Detection of Industrial Control System Based on Incremental Single Class Support Vector Machine, Information and Control, China Automation Society, issue 6, December 2018. DOI:10.13976/j.cnki.xk.2018.7431

Year 2017 : 6 citations

 TRI SI DOAN, "ENSEMBLE LEARNING FOR MULTIPLE DATA MINING PROBLEMS", Ph.D Thesis, Department of Computer Science, University of Colorado Colorado Springs, Advisor: Professor, Chair Jugal Kalita. URL:

 Moustafa, Nour. (2017). Designing an online and reliable statistical anomaly detection framework for dealing with large high-speed network traffic, PhD Thesis, October 2017.

 Kannan, Subramaniyam, Paul Wood, Larry Deatrick, Patricia Beane, Somali Chaterji, and Saurabh Bagchi. "MAAT: Multi-Stage Attack Attribution in Enterprise Systems using Software Defined Networks.", EAI Endorsed Transactions on Security and Safety, 2018. Available at:

 Shang Wenli, An Panfeng, Wan Ming, Zhao Jianming, Zeng Peng, "Research and development overview of intrusion detection technology in industrial control system", Journal of Application Research of Computers, Vol 34 (2), ISSN: 1001-3695,pp:328-333, 342 2017. Available at: DOI: 10.3969/j.issn.1001-3695.2017.02.002.

 Ahmad, Rami Haidar and Al-Sakib Khan Pathan. "A Study on M2M (Machine to Machine) System and Communication: Its Security, Threats, and Intrusion Detection System." The Internet of Things: Breakthroughs in Research and Practice. IGI Global, 2017. 205-240. Web. 17 Aug. 2017. doi:10.4018/978-1-5225-1832-7.ch010

 Q. Niyaz, W. Sun, A. Javaid, "A Deep Learning Based DDoS Detection System in Software-Defined Networking (SDN)", EAI Endorsed Transactions on Security and Safety 17(12): e2, published on the 28 dez 2017. DOI: 10.4108/eai.28-12-2017.153515

Year 2016 : 1 citations

 S. Lee, H. Yoo, J. Seo and T. Shon, "Packet Diversity-Based Anomaly Detection System with OCSVM and Representative Model," 2016 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData), Chengdu, 2016, pp. 498-503. doi: 10.1109/iThings-GreenCom-CPSCom-SmartData.2016.116