Omni SCADA Intrusion Detection Using Deep Learning Algorithms

In this article, we investigate deep-learning-based omni intrusion detection system (IDS) for supervisory control and data acquisition (SCADA) networks that are capable of detecting both temporally uncorrelated and correlated attacks. Regarding the IDSs developed in this article, a feedforward neural network (FNN) can detect temporally uncorrelated attacks at an F1 of 99.967plusmn;0.005% but correlated attacks as low as 58plusmn;2%. In contrast, long short-term memory (LSTM) detects correlated attacks at 99.56plusmn;0.01% while uncorrelated attacks at 99.3plusmn;0.1%. Combining LSTM and FNN through an ensemble approach further improves the IDS performance with F1 of 99.68plusmn;0.04% regardless the temporal correlations among the data packets.