TY - GEN
T1 - Towards SCADA Threat Intelligence based on Intrusion Detection Systems - A Short Review
AU - Qassim, Qais Saif
AU - Jamil, Norziana
AU - Mahdi, Mohammed Najah
AU - Abdul Rahim, Azril Azam
N1 - Publisher Copyright:
© 2020 IEEE.
PY - 2020/8/24
Y1 - 2020/8/24
N2 - Securing and protecting Supervisory Control and Data Acquisition (SCADA) systems has been an active topic of research for the past decades due to the catastrophic and disastrous consequences when these systems are breached or compromised. Therefore, possible cyberattacks and malicious behaviours must be addressed instantly to prevent catastrophic and disastrous consequences on the national critical infrastructures. To this end, intrusion detection systems are considered an essential security defence mechanism for SCADA networks. They can effectively detect potential cyberattacks and malicious activities and prevent catastrophic consequences. However, zero-day, deception and stealth attacks require a special type of detection method that is able to identify anomalies and detect possible malicious activities. A handful of studies have been carried out previously in this regard. However, this area of research is still immature and emerging. Therefore, this research is intended to investigate the merits, limitations and drawbacks of the existing detection methods, investigate the cyberattacks on SCADA systems, identify key features that can be used to discover irregular activities, and put forward the requirements and recommendations for detecting cyberattacks and malicious activities in SCADA networks.
KW - Anomaly Detection
KW - Critical Infrastructures
KW - Intrusion Detection
KW - SCADA
KW - Threat Intelligence
UR - http://www.scopus.com/inward/record.url?scp=85097655331&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85097655331&partnerID=8YFLogxK
U2 - 10.1109/ICIMU49871.2020.9243337
DO - 10.1109/ICIMU49871.2020.9243337
M3 - Conference contribution
AN - SCOPUS:85097655331
T3 - 2020 8th International Conference on Information Technology and Multimedia, ICIMU 2020
SP - 144
EP - 149
BT - 2020 8th International Conference on Information Technology and Multimedia, ICIMU 2020
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 8th International Conference on Information Technology and Multimedia, ICIMU 2020
Y2 - 24 August 2020 through 25 August 2020
ER -