Open Access

ARTICLE

Anomaly Detection in ICS Datasets with Machine Learning Algorithms

Sinil Mubarak¹, Mohamed Hadi Habaebi^1,*, Md Rafiqul Islam¹, Farah Diyana Abdul Rahman, Mohammad Tahir²

1 International Islamic University Malaysia, Jalan Gombak, 53100, Malaysia
2 Sunway University, Selangor, 47500, Malaysia

* Corresponding Author: Mohamed Hadi Habaebi. Email:

Computer Systems Science and Engineering 2021, 37(1), 33-46. https://doi.org/10.32604/csse.2021.014384

Received 17 September 2020; Accepted 14 December 2020; Issue published 05 February 2021

Abstract

An Intrusion Detection System (IDS) provides a front-line defense mechanism for the Industrial Control System (ICS) dedicated to keeping the process operations running continuously for 24 hours in a day and 7 days in a week. A well-known ICS is the Supervisory Control and Data Acquisition (SCADA) system. It supervises the physical process from sensor data and performs remote monitoring control and diagnostic functions in critical infrastructures. The ICS cyber threats are growing at an alarming rate on industrial automation applications. Detection techniques with machine learning algorithms on public datasets, suitable for intrusion detection of cyber-attacks in SCADA systems, as the first line of defense, have been detailed. The machine learning algorithms have been performed with labeled output for prediction classification. The activity traffic between ICS components is analyzed and packet inspection of the dataset is performed for the ICS network. The features of flow-based network traffic are extracted for behavior analysis with port-wise profiling based on the data baseline, and anomaly detection classification and prediction using machine learning algorithms are performed.

---

Keywords

---

Citations