Journal:IEEE Internet of Things Journal

Impact Factor:10.6

Abstract:As the volume of network attacks on Supervisory Control and Data Acquisition (SCADA) systems increases, the existing supervised methods that over-rely on priori knowledge can hardly cope with increasingly stealthy and legitimate unknown protocol attacks for heterogeneous industrial scenarios. In this paper, we present an anomaly-based deep learning attack-aware method called ALOC, which constitutes the dual Frequency Domain Transform (FDT) and implicit Generative Adversarial Networks (GANs). The former is proposed that reduces the cost of hand-designed features and normalizes raw traffic bytes as the input under different protocol types. With the assistance of a Deep Auto-Encoder (DAE) with 1D Convolutional Neural Networks (1D-CNNs), the latter can automatically build a behavioral baseline based on the multi-scale distribution of transformed raw bytes. The potential SCADA anomalies or intrusions can be effectively detected, which enables field operators to avoid security risks in a timely manner. Essentially, the trained model conveniently determines the anomaly boundaries by augmenting the representation capabilities of raw session information in high-dimensional space. In response, adversarial training with different loss functions is introduced to constrain the reconstruction of anomalous samples extremely, which in turn improves the detection performance and analyzes anomaly attributes. The experimental results show that the proposed approach is more effective and generalized than existing state-of-the-art baselines.

Key Words:SCADA systems, 1D-CNNs, GANs, Frequency Domain Transform, Attack-Aware, Anomaly Detection

Indexed by:SCI JCR Q1

Note:https://ieeexplore.ieee.org/document/10488383

Discipline:Engineering

Document Type:JCR 一区

First-Level Discipline:Computer Science and Technology

Translation or Not:no