A Novel LWCSO-PKM-Based Feature Optimization and Classification of Attack Types in SCADA Network

Abstract

Currently, Supervisory Control and Data Acquisition (SCADA) systems are widely used in the remote monitoring and control of the large-scale manufacturing plants and power grids. The development of high-security SCADA is the major requirement due to their vulnerability to attacks based on the architectural constraints. The decision making regarding the controlling of power flows and the replacement of faulty devices is based on the two stages normal or attacked. The observations from the sensor play the major role in the classification of normal and abnormal patterns. With the increase in a number of observations, the dimensionality of features is high and thus there is a chance of misleading results during the classification progress. Various classification and the intrusion detection (ID) algorithms are available to reduce the dimensionality of features for better classification. This paper proposes a novel approach for feature optimization and classification of the attack types in the SCADA network with better performance than the existing algorithms. The Linear Weighted Cuckoo Search Optimization (LWCSO) algorithm in proposed work selects the best features from the overall features. A Probabilistic Kernel Model (PKM) updates the weight function of each node to form the clusters representing the optimal features. The label is applied to each cluster based on the difference between the set of labeled training features with the testing feature set. Based on this label, the features are applied to detect the anomaly node in the network area. From the classification result, if the attack type is already known, then appropriate action is taken immediately. If the attack type is unknown, its type is added to the database. The periodical discovery of the type of attack and the database update with the unknown attacks increases the detection ability effectively. From the performance analysis, it is observed that the proposed LWCSO-PKM approach achieves better performance than the existing classification techniques and IDS algorithms.