Abstract
In this paper, we present an analysis of outlier detection using SVMs (Support Vector Machines) for intrusion detection in control system communication networks. SVMs have proved useful for classifying normal communication and intrusion attacks. In control systems, a large amount of normal communication data is available, but because there have been almost no cyber attacks, there is very little actual attack data. One-class SVM and SVDD (Support Vector Data Description) are two methods for one-class classification, where information about only one of the classes is available. We applied these two methods to intrusion detection in an experimental control system network and compared the differences in their classification. To learn what kind of traffic would be classified as an attack, we changed the percentage of allowed outliers interactively, adding human knowledge of the control system to the results. Our experiments also showed that sequence information in control system communication is very important for detecting some intrusion attacks.
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Onoda, T., Kiuchi, M. (2012). Analysis of Intrusion Detection in Control System Communication Based on Outlier Detection with One-Class Classifiers. In: Huang, T., Zeng, Z., Li, C., Leung, C.S. (eds) Neural Information Processing. ICONIP 2012. Lecture Notes in Computer Science, vol 7667. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-34500-5_33
DOI: https://doi.org/10.1007/978-3-642-34500-5_33
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-34499-2
Online ISBN: 978-3-642-34500-5
eBook Packages: Computer Science, Computer Science (R0)