Analysis of Intrusion Detection in Control System Communication Based on Outlier Detection with One-Class Classifiers

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNTCS, volume 7667)

Abstract

In this paper, we introduce an analysis of outlier detection using SVMs (Support Vector Machines) for intrusion detection in control system communication networks. SVMs have proved to be useful for classifying normal communication and intrusion attacks. In control systems, a large amount of normal communication data is available, but as there have been almost no cyber attacks, there is very little actual attack data. One-class SVM and SVDD (Support Vector Data Description) are two methods used for one-class classification, where information about only one of the classes is available. We applied these two methods to intrusion detection in an experimental control system network and compared the differences in their classification. To learn what kind of traffic would be classified as an attack, the percentage of allowed outliers was changed interactively, adding human knowledge of the control system to the results. Our experiments also clarified that sequence information in control system communication is very important for detecting some intrusion attacks.

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Onoda, T., Kiuchi, M. (2012). Analysis of Intrusion Detection in Control System Communication Based on Outlier Detection with One-Class Classifiers. In: Huang, T., Zeng, Z., Li, C., Leung, C.S. (eds) Neural Information Processing. ICONIP 2012. Lecture Notes in Computer Science, vol 7667. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-34500-5_33

  • DOI: https://doi.org/10.1007/978-3-642-34500-5_33

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-34499-2

  • Online ISBN: 978-3-642-34500-5

  • eBook Packages: Computer Science, Computer Science (R0)