Full Text Available
Note: Clicking the button above will open the full text document at the original institutional repository in a new window.
Hydraulic Data Preprocessing for Anomaly Based Intrusion Detection on SCADA Level of Water Treatment Systems
The confidentiality, integrity and availability of critical infrastructure is crucial for any economy to operate efficiently. Critical water systems infrastructure is a target of many attackers who aim to penetrate the system for malicious reasons. The use of cyber-physical systems (CPSs) in Water T...
Saved in:
| Main Author: | |
|---|---|
| Other Authors: | |
| Format: | Thesis |
| Language: | Eng |
| Published: |
Department of Electrical Engineering
2024
|
| Subjects: | |
| Tags: |
No Tags, Be the first to tag this record!
|
| _version_ | 1867613169212456960 |
|---|---|
| access_status_str | Open Access |
| author | Mboweni, Ignitious |
| author2 | Ramotsoela, Daniel |
| author_browse | Mboweni, Ignitious Ramotsoela, Daniel |
| author_facet | Ramotsoela, Daniel Mboweni, Ignitious |
| author_sort | Mboweni, Ignitious |
| collection | Thesis |
| description | The confidentiality, integrity and availability of critical infrastructure is crucial for any economy to operate efficiently. Critical water systems infrastructure is a target of many attackers who aim to penetrate the system for malicious reasons. The use of cyber-physical systems (CPSs) in Water Treatment Systems (WTSs) unveils many vulnerabilities that attackers can use. Although preventative security mechanisms are put into place they too can be defeated, and in this case, a second layer of security is essential. Intrusion detection mechanisms are important reactive security mechanisms to limit the damage done by a successful attack in the system. The ability to uncover data patterns and gather knowledge from data is a significant benefit of machine learning (ML), however factors such as noise, missing values, excessive features, and inconsistent and redundant data negatively affects the performance of the model, hence a need for data preprocessing which makes it possible to achieve speed and accuracy on a ML process by unveiling veracity in the data ergo making it valuable. Although many ML techniques for intrusion detection have been studied, comprehensive data preprocessing is scarcely documented. This begets a need for an adoptable data preprocessing workflow specifically for critical water systems infrastructure sensor and actuator data that researchers who intend on working on advancing cyber security in CPSs can utilise. The work provided in this dissertation explores data preprocessing techniques on secure water treatment (SWaT) testbed data and provides ideal critical water systems infrastructure specific data preprocessing techniques for a resultant informative dataset to yield high results when applied on machine learning (ML) classification models. The SWaT dataset was chosen as it was designed for cyber security research with a WTS use case. The techniques in this study can be applied to a similar kind of dataset collected from a similar environment and not limited to water treatment. Experiments were set up to evaluate the effect of preprocessing measures and the results showed good improvement on the model's performance which is a good indication of the impact that the data preprocessing has. The best performance was achieved when the preprocessed dataset was randomly split into training and testing, yielding a significant improvement in accuracy, F1 score and time to detection for both algorithms used in the study, namely Fine Tree and Boosted Trees Ensemble. |
| format | Thesis |
| id | oai:open.uct.ac.za:11427/40335 |
| institution | University of Cape Town (South Africa) |
| language | Eng |
| last_indexed | 2026-06-10T12:31:52.071Z |
| license_str | Not specified — see source repository |
| provenance_str_mv | Harvested via OAI-PMH from UCTD — University of Cape Town Open Access Repository |
| publishDate | 2024 |
| publishDateRange | 2024 |
| publishDateSort | 2024 |
| publisher | Department of Electrical Engineering |
| publisherStr | Department of Electrical Engineering |
| record_format | dspace |
| source_str | UCTD — University of Cape Town Open Access Repository |
| spelling | oai:open.uct.ac.za:11427/40335 Hydraulic Data Preprocessing for Anomaly Based Intrusion Detection on SCADA Level of Water Treatment Systems Mboweni, Ignitious Ramotsoela, Daniel Engineering The confidentiality, integrity and availability of critical infrastructure is crucial for any economy to operate efficiently. Critical water systems infrastructure is a target of many attackers who aim to penetrate the system for malicious reasons. The use of cyber-physical systems (CPSs) in Water Treatment Systems (WTSs) unveils many vulnerabilities that attackers can use. Although preventative security mechanisms are put into place they too can be defeated, and in this case, a second layer of security is essential. Intrusion detection mechanisms are important reactive security mechanisms to limit the damage done by a successful attack in the system. The ability to uncover data patterns and gather knowledge from data is a significant benefit of machine learning (ML), however factors such as noise, missing values, excessive features, and inconsistent and redundant data negatively affects the performance of the model, hence a need for data preprocessing which makes it possible to achieve speed and accuracy on a ML process by unveiling veracity in the data ergo making it valuable. Although many ML techniques for intrusion detection have been studied, comprehensive data preprocessing is scarcely documented. This begets a need for an adoptable data preprocessing workflow specifically for critical water systems infrastructure sensor and actuator data that researchers who intend on working on advancing cyber security in CPSs can utilise. The work provided in this dissertation explores data preprocessing techniques on secure water treatment (SWaT) testbed data and provides ideal critical water systems infrastructure specific data preprocessing techniques for a resultant informative dataset to yield high results when applied on machine learning (ML) classification models. The SWaT dataset was chosen as it was designed for cyber security research with a WTS use case. The techniques in this study can be applied to a similar kind of dataset collected from a similar environment and not limited to water treatment. Experiments were set up to evaluate the effect of preprocessing measures and the results showed good improvement on the model's performance which is a good indication of the impact that the data preprocessing has. The best performance was achieved when the preprocessed dataset was randomly split into training and testing, yielding a significant improvement in accuracy, F1 score and time to detection for both algorithms used in the study, namely Fine Tree and Boosted Trees Ensemble. 2024-07-04T14:04:34Z 2024-07-04T14:04:34Z 2024 2024-07-04T13:28:16Z Thesis / Dissertation Masters MSc http://hdl.handle.net/11427/40335 Eng application/pdf Department of Electrical Engineering Faculty of Engineering and the Built Environment |
| spellingShingle | Engineering Mboweni, Ignitious Hydraulic Data Preprocessing for Anomaly Based Intrusion Detection on SCADA Level of Water Treatment Systems |
| thesis_degree_str | Master's |
| title | Hydraulic Data Preprocessing for Anomaly Based Intrusion Detection on SCADA Level of Water Treatment Systems |
| title_full | Hydraulic Data Preprocessing for Anomaly Based Intrusion Detection on SCADA Level of Water Treatment Systems |
| title_fullStr | Hydraulic Data Preprocessing for Anomaly Based Intrusion Detection on SCADA Level of Water Treatment Systems |
| title_full_unstemmed | Hydraulic Data Preprocessing for Anomaly Based Intrusion Detection on SCADA Level of Water Treatment Systems |
| title_short | Hydraulic Data Preprocessing for Anomaly Based Intrusion Detection on SCADA Level of Water Treatment Systems |
| title_sort | hydraulic data preprocessing for anomaly based intrusion detection on scada level of water treatment systems |
| topic | Engineering |
| url | http://hdl.handle.net/11427/40335 |
| work_keys_str_mv | AT mboweniignitious hydraulicdatapreprocessingforanomalybasedintrusiondetectiononscadalevelofwatertreatmentsystems |