A Novel Intrusion Detection Mechanism for SCADA systems that Automatically Adapts to Changes in Network Topology



Industrial Control Systems (ICS) are getting more vulnerable as they become increasingly interconnected with other systems. Industrial Internet of Things(IIoT) will bring new opportunities to business and society, along with new threats and security risks. One major change that ICS will face will be that of the dynamic network topology. Changes in the network architecture will affect the performance of the ICS along with the efficiency of the security mechanisms that are deployed. The current article investigates how changes in the network architecture of a supervisory control and data acquisition (SCADA) system affect the performance of an
Intrusion Detection System IDS that is based on the One class Support Vector Machine (OCSVM). Also the article proposes an adaptive mechanism that can cope with such changes and can work in real time situations.
The performance of the proposed adaptive IDS is tested using traces from a Hybrid ICS testbed with a dynamic topology.

Related Project

FP7 CockpitCI: Cybersecurity on SCADA: risk prediction, analysis and reaction tools for Critical Infrastructures


EAI Transactions in Industrial Networks and Intelligent Systems (INISCOM 2016 Special Edition with extended papers), January 2017

PDF File


Cited by

Year 2018 : 2 citations

 Ibrar Yaqoob, Ibrahim Abaker Targio Hashem, Arif Ahmed, S.M. Ahsan Kazmi, Choong Seon Hong, Internet of things forensics: Recent advances, taxonomy, requirements, and open challenges, Future Generation Computer Systems, 2018, ISSN 0167-739X,

 Al-Hawawreh, Muna & Moustafa, Nour & Sitnikova, Elena. (2018). Identification of malicious activities in industrial internet of things based on deep learning models. Journal of Information Security and Applications. 41. 10.1016/j.jisa.2018.05.002.