Determination of Optimal Cluster Number in Connection to SCADA

  • Conference paper

Part of the book series: Advances in Intelligent Systems and Computing (AISC, volume 575)

Abstract

The recent evolution of cyber-attacks puts significant pressure on information and communication systems. The increasing number of cyber-attacks and their growing sophistication have created the need for a new type of cyber defense. Anomaly detection within an intrusion detection system (IDS), used together with standard cyber defense technologies, may be the answer to contemporary developments in cyber security. Unsupervised anomaly detection based on the K-means algorithm has been broadly examined by a considerable number of researchers, which makes the algorithm a solid choice for an intrusion detection system. However, one of the problems is determining a proper number of clusters for K-means, and there are methods for determining the optimal number of clusters. The aim of the article is to determine the number of clusters in relation to a Supervisory Control and Data Acquisition (SCADA) system.


Acknowledgments

This work was funded by the Internal Grant Agency (IGA/FAI/2017/003) and supported by the project ev. no. VI20152019049 “RESILIENCE 2015: Dynamic Resilience Evaluation of Interrelated Critical Infrastructure Subsystems”, supported by the Ministry of the Interior of the Czech Republic in the years 2015–2019 and also supported by the research project VI20172019054 “An analytical software module for the real-time resilience evaluation from point of the converged security”, supported by the Ministry of the Interior of the Czech Republic in the years 2017–2019. Moreover, this work was supported by the Ministry of Education, Youth and Sports of the Czech Republic within the National Sustainability Programme project No. LO1303 (MSMT-7778/2014) and also by the European Regional Development Fund under the project CEBIA-Tech No. CZ.1.05/2.1.00/03.0089.

Correspondence to Jan Vávra.

Copyright information

© 2017 Springer International Publishing AG

Cite this paper

Vávra, J., Hromada, M. (2017). Determination of Optimal Cluster Number in Connection to SCADA. In: Silhavy, R., Silhavy, P., Prokopova, Z., Senkerik, R., Kominkova Oplatkova, Z. (eds) Software Engineering Trends and Techniques in Intelligent Systems. CSOC 2017. Advances in Intelligent Systems and Computing, vol 575. Springer, Cham. https://doi.org/10.1007/978-3-319-57141-6_15

  • DOI: https://doi.org/10.1007/978-3-319-57141-6_15

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-57140-9

  • Online ISBN: 978-3-319-57141-6

  • eBook Packages: Engineering, Engineering (R0)
