Submissions to Scholars Junction will be closed starting Monday, December 21, as we begin migrating to a new platform.

    • Login
    View Item  
    •   Scholars Junction
    • Theses and Dissertations
    • Theses and Dissertations
    • View Item
    •   Scholars Junction
    • Theses and Dissertations
    • Theses and Dissertations
    • View Item
    JavaScript is disabled for your browser. Some features of this site may not work without it.

    Search

    My Account

    Login Register

    About

    About This Repository Deposit Your Work Policies and Terms of Use Contact Us More Scholarly Communication Services

    Browse

    Entire Repository Communities & Collections Issue Date Authors Titles Subjects This Collection Issue Date Authors Titles Subjects

    Cyberthreats, Attacks and Intrusion Detection in Supervisory Control and Data Acquisition Networks

    View/ Open
    etd-09232013-205355.pdf (976.2 Kb )
    Author
    Gao, Wei
    Item Type
    Dissertation
    Advisor
    Morris, Thomas H.
    Committee
    Reese, Donna
    Abdelwahed, Sherif
    Dampier, David
    Fowler, James E.
    Metrics
    
    Abstract
    Supervisory Control and Data Acquisition (SCADA) systems are computer-based process control systems that interconnect and monitor remote physical processes. There have been many real world documented incidents and cyber-attacks affecting SCADA systems, which clearly illustrate critical infrastructure vulnerabilities. These reported incidents demonstrate that cyber-attacks against SCADA systems might produce a variety of financial damage and harmful events to humans and their environment. This dissertation documents four contributions towards increased security for SCADA systems. First, a set of cyber-attacks was developed. Second, each attack was executed against two fully functional SCADA systems in a laboratory environment; a gas pipeline and a water storage tank. Third, signature based intrusion detection system rules were developed and tested which can be used to generate alerts when the aforementioned attacks are executed against a SCADA system. Fourth, a set of features was developed for a decision tree based anomaly based intrusion detection system. The features were tested using the datasets developed for this work. This dissertation documents cyber-attacks on both serial based and Ethernet based SCADA networks. Four categories of attacks against SCADA systems are discussed: reconnaissance, malicious response injection, malicious command injection and denial of service. In order to evaluate performance of data mining and machine learning algorithms for intrusion detection systems in SCADA systems, a network dataset to be used for benchmarking intrusion detection systemswas generated. This network dataset includes different classes of attacks that simulate different attack scenarios on process control systems. This dissertation describes four SCADA network intrusion detection datasets; a full and abbreviated dataset for both the gas pipeline and water storage tank systems. Each feature in the dataset is captured from network flow records. This dataset groups two different categories of features that can be used as input to an intrusion detection system. First, network traffic features describe the communication patterns in a SCADA system. This research developed both signature based IDS and anomaly based IDS for the gas pipeline and water storage tank serial based SCADA systems. The performance of both types of IDS were evaluates by measuring detection rate and the prevalence of false positives.
    Degree
    Doctor of Philosophy
    Major
    Computer Engineering
    College
    Bagley College of Engineering
    Department
    Department of Electrical and Computer Engineering
    URI
    https://hdl.handle.net/11668/19688
    Collections
    • Theses and Dissertations
    Show full item record
    Mississippi State University Libraries
    395 Hardy Rd
    P.O. Box 5408, Mississippi State, MS 39762-5408
    (662) 325-7668
    (662) 325-0011
    (662) 325-8183
    Contact repository admin Report a problem Terms of use Privacy policy Accessibility MSU Legal
     

     

    Mississippi State University Libraries
    395 Hardy Rd
    P.O. Box 5408, Mississippi State, MS 39762-5408
    (662) 325-7668
    (662) 325-0011
    (662) 325-8183
    Contact repository admin Report a problem Terms of use Privacy policy Accessibility MSU Legal