Attack Detection Using Artificial Intelligence Methods for SCADA Security

Technological developments and transformations have rapidly risen since the Fourth Industrial Revolution. The prevalence of industrial devices interconnected over the wireless sensor networks and the provision of a sustainable data flow reveal the importance of the Industrial Internet of Things (IIoT). In the manufacturing industry, supervisory control and data acquisition (SCADA) systems are used to control IIoT for critical infrastructure. A cyberattack on the network-based communication structure embedded into the architecture of industrial equipment can significantly disrupt/sabotage product manufacturing and other industrial operations. The digitization of industrial control systems can expose the systems to malicious actors and therefore requires additional security solutions, such as intrusion detection systems (IDSs). Increasing sophistication of cyberattacks, industrial companies need to adopt innovative solutions like artificial intelligence (AI)-based attack detection to protect their valuable assets. In addition, AI-based approaches are more effective as they analyze network traffic, identify threats, and adapt to new attack techniques. This study aims to develop an AI-based IDS with high accuracy for SCADA security. In the study, cyberattacks that may occur against SCADA systems are examined. AI methods (including K-nearest neighbor, quadratic discriminant analysis, adaptive boosting, gradient boosting, and random forest) in different categories are used and AI models with various parameters are built. To improve the detection performance of the models, comprehensive experiments are carried out on two different SCADA data sets. As a result of experiments, the test accuracy rates exceeding 96.82% are achieved by all models: on the WUSTL-IIOT-2021 data set, the XGB model has outperformed with an accuracy of 99.99%.