Detection of Malicious SCADA Communications via Multi-Subspace Feature Selection
Proceedings of the International Joint Conference on Neural Networks
cyberphysical systems, ensemble learning, Feature selection, intrusion detection, mutual information, SCADA, supervised learning
Security maintenance of Supervisory Control and Data Acquisition (SCADA) systems has been a point of interest during recent years. Numerous research works have been dedicated to the design of intrusion detection systems for securing SCADA communications. Nevertheless, these data-driven techniques are usually dependant on the quality of the monitored data. In this work, we propose a novel feature selection approach, called MSFS, to tackle undesirable quality of data caused by feature redundancy. In contrast to most feature selection techniques, the proposed method models each class in a different subspace, where it is optimally discriminated. This has been accomplished by resorting to ensemble learning, which enables the usage of multiple feature sets in the same feature space. The proposed method is then utilized to perform intrusion detection in smaller subspaces, which brings about efficiency and accuracy. Moreover, a comparative study is performed on a number of advanced feature selection algorithms. Furthermore, a dataset obtained from the SCADA system of a gas pipeline is employed to enable a realistic simulation. The results indicate the proposed approach extensively improves the detection performance in terms of classification accuracy and standard deviation.
Hallaji, Ehsan; Razavi-Far, Roozbeh; and Saif, Mehrdad. (2020). Detection of Malicious SCADA Communications via Multi-Subspace Feature Selection. Proceedings of the International Joint Conference on Neural Networks.