Trees Bootstrap Aggregation for Detection and Characterization of IoT-SCADA Network Traffic

Abstract

The accelerated industrial transformation has witnessed the supervisory control and data acquisition (SCADA) transit from monolithic to the Internet of Things (IoT-SCADA). The development also transformed conventional specialized serial-based to transmission control protocol/internet protocol reliant standard communication protocols, such as IEC-60870-5-104 (IEC-104), thereby increasing vulnerability to attacks and intrusions. Maintaining the reliability and availability of IoT-SCADA demands versatile and robust monitoring of network traffic. This study proposes a monitoring technique to detect and characterize the IEC-104 IoT-SCADA network traffic. The proposed trees bootstrap aggregation monitoring technique of GridSearchCV() hyperparameter tuning of 11 n-estimator, 20 max-depth, and 5-k cross-validation achieved early detection and characterization. Experimental results demonstrate its sensitivity and precision in detecting and classifying various network traffic and application types at a minimal execution time while reducing false alarm rates, which is vital for mitigating intrusions in heterogeneous IoT-SCADA networks.