Foreword ix Preface xi Acronyms xv 1. Introduction 1 2. Background 15 3. SCADA-Based Security Testbed 25 4. Efficient k-Nearest Neighbour Approach Based on Various-Widths Clustering 63 5. SCADA Data-Driven Anomaly Detection 87 6. A Global Anomaly Threshold to Unsupervised Detection 119 7. Threshold Password-Authenticated Secret Sharing Protocols 151 8. Conclusion 179 References 185 Index 195

Examines the design and use of Intrusion Detection Systems (IDS) to secure Supervisory Control and Data Acquisition (SCADA) systems Cyber-attacks on SCADA systems—the control system architecture that uses computers, networked data communications, and graphical user interfaces for high-level process supervisory management—can lead to costly financial consequences or even result in loss of life. Minimizing potential risks and responding to malicious actions requires innovative approaches for monitoring SCADA systems and protecting them from targeted attacks. SCADA Security: Machine Learning Concepts for Intrusion Detection and Prevention is designed to help security and networking professionals develop and deploy accurate and effective Intrusion Detection Systems (IDS) for SCADA systems that leverage autonomous machine learning. Providing expert insights, practical advice, and up-to-date coverage of developments in SCADA security, this authoritative guide presents a new approach for efficient unsupervised IDS driven by SCADA-specific data. Organized into eight in-depth chapters, the text first discusses how traditional IT attacks can also be possible against SCADA, and describes essential SCADA concepts, systems, architectures, and main components. Following chapters introduce various SCADA security frameworks and approaches, including evaluating security with virtualization-based SCADAVT, using SDAD to extract proximity-based detection, finding a global and efficient anomaly threshold with GATUD, and more. This important book: Provides diverse perspectives on establishing an efficient IDS approach that can be implemented in SCADA systemsDescribes the relationship between main components and three generations of SCADA systemsExplains the classification of a SCADA IDS based on its architecture and implementationSurveys the current literature in the field and suggests possible directions for future research SCADA Security: Machine Learning Concepts for Intrusion Detection and Prevention is a must-read for all SCADA security and networking researchers, engineers, system architects, developers, managers, lecturers, and other SCADA security industry practitioners.