Flow-based intrusion detection algorithm for supervisory control and data acquisition systems: A real-time approach

Intrusion detection in supervisory control and data acquisition (SCADA) systems is integral because of the critical roles of these systems in industries. However, available approaches in the literature lack representative flow-based datasets and reliable real-time adaption and evaluation. A publicly available labelled dataset to support flow-based intrusion detection research specific to SCADA systems is presented. Cyberattacks were carried out against our SCADA system test bed to generate this flow-based dataset. Moreover, a flow-based intrusion detection system (IDS) is developed for SCADA systems using a deep learning algorithm. We used the dataset to develop this IDS model for real-time operations of SCADA systems to detect attacks momentarily after they happen. The results show empirical proof of the model's adequacy when deployed online to detect cyberattacks in real time.

Automated summary

Intrusion detection in SCADA systems is crucial, but current approaches lack representative datasets and real-time adaptability. This study presents a flow-based dataset and a deep learning-based IDS for SCADA systems. Experimental results show the model can detect cyberattacks in real time.