Evaluation of Classifiers to Detect Intrusion in SCADA System

S. R. Kotecha, R. J. Khimani, R. J. Trivedi, P. D. Maheta, H. M. Rathod, C. R. Varnagar

Abstract

Critical infrastructures play an important role in bringing the economy on track. Infrastructures such as smart grids, gas pipelines, nuclear power stations, and water pumps are controlled and managed by Supervisory Control and Data Acquisition (SCADA) systems, which are a crucial entity in an Industrial Control System (ICS). One of the major initiatives that has been taken is to connect these ICS systems with the Internet, although this also brings many cyber security challenges, such as unmonitored communication, unencrypted network traffic, weak protocols, external attacks (intruders), and lack of asset awareness. The information exchange between a Programmable Logic Controller (PLC) and a SCADA system can be prone to different cyber attacks; therefore, a detection mechanism is essential. An automated system such as an Intrusion Detection System (IDS) or Intrusion Prevention System (IPS) would be very supportive of any machine learning algorithm, in particular for the classification problem. This paper mainly focuses on diverse classification algorithms to increase the efficiency of intrusion detection. The techniques of newly adopted classification algorithms, such as the Linear Discriminate Algorithm (LDA) and the Quadratic Discriminate Algorithm (QDA), have been investigated thoroughly and applied to the SCADA gas pipeline dataset. The performances of the individual algorithms are compared and evaluated closely in terms of accuracy, precision, and recall. True-positive rates of the algorithms are taken into consideration while comparing their performances.
