Mining of intrusion attack in SCADA network using clustering and genetically seeded flora-based optimal classification algorithm


Applications such as remote communication and control systems are critically integrated. The control of these networks is handled by supervisory control and data acquisition (SCADA) systems. This study discusses attack prediction and classification using an enhanced machine learning model. The attack types are classified by optimally selecting features extracted from the sensor data. The features are labelled and the clusters between the matrices are extracted. These clusters form the initial processing stage of attack identification, which prevents mismatched results. The data are clustered by the mean-shift clustering algorithm. From the clustered data, the features that are irrelevant to the classification process are identified and suppressed by the genetically seeded flora optimisation algorithm. In this optimisation process, the flora seeds are selected genetically to select the best features. Then, from the optimally selected clustered data, the relevancy vector is predicted and the attack types are classified. The classification is performed by the Boltzmann machine learning algorithm. The classification results of the proposed method for the testing SCADA dataset are analysed, and the performance metrics are evaluated and compared with state-of-the-art methods.


