A Passive Testing Approach using a Semi-Supervised Intrusion Detection Model for SCADA Network Traffic

Research output: Chapter in Book/Report/Conference proceedingConference paperpeer-review


Worldwide cyber-attacks constantly threaten the security of available infrastructure relying on cyber-physical systems. Infrastructure companies use passive testing approaches such as anomaly-based intrusion detection systems to observe such systems and prevent attacks. However, the effectiveness of intrusion detection systems depends on the underlying models used for detecting attacks and the observations that may suffer from scarce data availability. Hence, we need research on a) passive testing methods for obtaining appropriate detection models and b) for analysing the impact of the scarceness of data for improving intrusion detection systems. In this paper, we contribute to these challenges. We build on former work on supervised intrusion detection of power grid substation SCADA network traffic where a real-world data set (APG data set) is available. In contrast to previous work, we use a semi-supervised model with recurrent neural network architectures (i.e., LSTM Autoencoders and sequence models). This model only considers samples of ordinary data traffic without attacks to learn an adequate detection model. We outline the underlying foundations regarding the machine learning approach used. Furthermore, we present and discuss the obtained experimental results and compare them with prior results on supervised machine learning approaches.

Original languageEnglish
Title of host publicationProceedings - 4th IEEE International Conference on Artificial Intelligence Testing, AITest 2022
PublisherInstitute of Electrical and Electronics Engineers
Number of pages6
ISBN (Electronic)9781665487375
Publication statusPublished - 2022
Event4th IEEE International Conference on Artificial Intelligence Testing: AITest 2022 - Newark, United States
Duration: 15 Aug 202218 Aug 2022


Conference4th IEEE International Conference on Artificial Intelligence Testing
Abbreviated titleAITest 2022
Country/TerritoryUnited States


  • Anomaly Detection
  • Intrusion Detection
  • Passive Testing
  • Power Grid Substation Networks
  • SCADA network traffic
  • Security Testing

ASJC Scopus subject areas

  • Artificial Intelligence
  • Software
  • Safety, Risk, Reliability and Quality
  • Modelling and Simulation


Dive into the research topics of 'A Passive Testing Approach using a Semi-Supervised Intrusion Detection Model for SCADA Network Traffic'. Together they form a unique fingerprint.

Cite this