Attack and Defense Modeling Against DDoS Attacks in Industrial SCADA System Using Machine Learning

Abstract

SCADA systems are monitoring and controlling critical infrastructures such as power generation, water supply, transportation networks, and manufacturing facilities. In order to ensure those critical infrastructures protection, it is necessary to understand all the ways in which the systems can be attacked and adopted a viewpoint similar to an attacker for determining weaknesses and hiatus in defenses. In fact, SCADA systems are very attractive targets for many malicious attacks. Many factors contributed to the increased risk of modern control systems, including network infrastructure, poor configurations, lack of skilled people, and reliance on standard technologies with a number of known vulnerabilities that are exploited by the attackers. The aim of this thesis is to investigate malicious attacks affecting the security of SCADA systems. The main focus is made on the DoS and DDoS attacks which have become a real threat to the functions of SCADA systems in a normal way. We have developed an attack tree for SCADA systems providing the possible routes for the attackers to disrupt the systems. We have contributed in developing attack and defence modelling for SCADA systems. We have worked on detecting DoS and DDoS attacks on SCADA systems and provided recommendations to avoid those harmful attacks. We have used the Honeypot approach to detect DoS and DDoS attacks on SCADA systems. In addition, some machine learning techniques have been applied to find alternatives for detecting such type of attacks The proposed model proves to be good as our experimental results produce an accuracy of 99.91