{"id":"https://openalex.org/W2290151134","doi":"https://doi.org/10.1109/tifs.2015.2512522","title":"An Efficient Data-Driven Clustering Technique to Detect Attacks in SCADA Systems","display_name":"An Efficient Data-Driven Clustering Technique to Detect Attacks in SCADA Systems","publication_year":2015,"publication_date":"2015-12-25","ids":{"openalex":"https://openalex.org/W2290151134","doi":"https://doi.org/10.1109/tifs.2015.2512522","mag":"2290151134"},"language":"en","primary_location":{"id":"doi:10.1109/tifs.2015.2512522","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tifs.2015.2512522","pdf_url":null,"source":{"id":"https://openalex.org/S61310614","display_name":"IEEE Transactions on Information Forensics and Security","issn_l":"1556-6013","issn":["1556-6013","1556-6021"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Information Forensics and Security","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":null,"any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5081933546","display_name":"Abdulmohsen Almalawi","orcid":"https://orcid.org/0000-0002-4389-1339"},"institutions":[{"id":"https://openalex.org/I185163786","display_name":"King Abdulaziz University","ror":"https://ror.org/02ma4wv74","country_code":"SA","type":"education","lineage":["https://openalex.org/I185163786"]}],"countries":["SA"],"is_corresponding":false,"raw_author_name":"Abdulmohsen Almalawi","raw_affiliation_strings":["School of Computer Science and Information Technology, King Abdulaziz University, Jeddah, Saudi Arabia"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"School of Computer Science and Information Technology, King Abdulaziz University, Jeddah, Saudi Arabia","institution_ids":["https://openalex.org/I185163786"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5076086712","display_name":"Adil Fahad","orcid":null},"institutions":[{"id":"https://openalex.org/I52207611","display_name":"Al Baha University","ror":"https://ror.org/0403jak37","country_code":"SA","type":"education","lineage":["https://openalex.org/I52207611"]}],"countries":["SA"],"is_corresponding":false,"raw_author_name":"Adil Fahad","raw_affiliation_strings":["Department of Computer Science, College of Computer Science and Information Technology, Al Baha University, Al Bahah, Saudi Arabia"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Computer Science, College of Computer Science and Information Technology, Al Baha University, Al Bahah, Saudi Arabia","institution_ids":["https://openalex.org/I52207611"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5054836950","display_name":"Zahir Tari","orcid":"https://orcid.org/0000-0002-1235-9673"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Zahir Tari","raw_affiliation_strings":["School of Computer Science and Information Technology, Royal Melbourne Institute of Technology, Melbourne, Australia"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"School of Computer Science and Information Technology, Royal Melbourne Institute of Technology, Melbourne, Australia","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101601529","display_name":"Abdullah Alamri","orcid":"https://orcid.org/0000-0002-4705-9283"},"institutions":[{"id":"https://openalex.org/I4210099699","display_name":"University of Jeddah","ror":"https://ror.org/015ya8798","country_code":"SA","type":"education","lineage":["https://openalex.org/I4210099699"]}],"countries":["SA"],"is_corresponding":false,"raw_author_name":"Abdullah Alamri","raw_affiliation_strings":["Faculty of Computing and Information Technology, University of Jeddah, Jeddah, Saudi Arabia"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Faculty of Computing and Information Technology, University of Jeddah, Jeddah, Saudi Arabia","institution_ids":["https://openalex.org/I4210099699"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5083643896","display_name":"Rayed AlGhamdi","orcid":"https://orcid.org/0000-0002-6277-2124"},"institutions":[{"id":"https://openalex.org/I185163786","display_name":"King Abdulaziz University","ror":"https://ror.org/02ma4wv74","country_code":"SA","type":"education","lineage":["https://openalex.org/I185163786"]}],"countries":["SA"],"is_corresponding":false,"raw_author_name":"Rayed AlGhamdi","raw_affiliation_strings":["School of Computer Science and Information Technology, King Abdulaziz University, Jeddah, Saudi Arabia"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"School of Computer Science and Information Technology, King Abdulaziz University, Jeddah, Saudi Arabia","institution_ids":["https://openalex.org/I185163786"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5015993565","display_name":"Albert Y. Zomaya","orcid":"https://orcid.org/0000-0002-3090-1059"},"institutions":[{"id":"https://openalex.org/I129604602","display_name":"The University of Sydney","ror":"https://ror.org/0384j8v12","country_code":"AU","type":"education","lineage":["https://openalex.org/I129604602"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Albert Y. Zomaya","raw_affiliation_strings":["Centre for Distributed and High Performance Computing, School of Information Technologies, The University of Sydney, New South Wales, Australia"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Centre for Distributed and High Performance Computing, School of Information Technologies, The University of Sydney, New South Wales, Australia","institution_ids":["https://openalex.org/I129604602"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":6,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":8.0651,"has_fulltext":false,"cited_by_count":97,"citation_normalized_percentile":{"value":0.97713626,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":94,"max":100},"biblio":{"volume":"11","issue":"5","first_page":"893","last_page":"906"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9973000288009644,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/scada","display_name":"SCADA","score":0.9848594665527344},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.7691314220428467},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7594485282897949},{"id":"https://openalex.org/keywords/cluster-analysis","display_name":"Cluster analysis","score":0.629665195941925},{"id":"https://openalex.org/keywords/process","display_name":"Process (computing)","score":0.5250499248504639},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.5167052745819092},{"id":"https://openalex.org/keywords/critical-infrastructure","display_name":"Critical infrastructure","score":0.4266192317008972},{"id":"https://openalex.org/keywords/industrial-control-system","display_name":"Industrial control system","score":0.42281460762023926},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.4146791696548462},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4123954176902771},{"id":"https://openalex.org/keywords/real-time-computing","display_name":"Real-time computing","score":0.40083661675453186},{"id":"https://openalex.org/keywords/embedded-system","display_name":"Embedded system","score":0.33816763758659363},{"id":"https://openalex.org/keywords/control","display_name":"Control (management)","score":0.21683406829833984},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.158580482006073},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.11054301261901855},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.0887252688407898}],"concepts":[{"id":"https://openalex.org/C113863187","wikidata":"https://www.wikidata.org/wiki/Q17498","display_name":"SCADA","level":2,"score":0.9848594665527344},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.7691314220428467},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7594485282897949},{"id":"https://openalex.org/C73555534","wikidata":"https://www.wikidata.org/wiki/Q622825","display_name":"Cluster analysis","level":2,"score":0.629665195941925},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.5250499248504639},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.5167052745819092},{"id":"https://openalex.org/C29852176","wikidata":"https://www.wikidata.org/wiki/Q373338","display_name":"Critical infrastructure","level":2,"score":0.4266192317008972},{"id":"https://openalex.org/C40071531","wikidata":"https://www.wikidata.org/wiki/Q2513962","display_name":"Industrial control system","level":3,"score":0.42281460762023926},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.4146791696548462},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4123954176902771},{"id":"https://openalex.org/C79403827","wikidata":"https://www.wikidata.org/wiki/Q3988","display_name":"Real-time computing","level":1,"score":0.40083661675453186},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.33816763758659363},{"id":"https://openalex.org/C2775924081","wikidata":"https://www.wikidata.org/wiki/Q55608371","display_name":"Control (management)","level":2,"score":0.21683406829833984},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.158580482006073},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.11054301261901855},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.0887252688407898},{"id":"https://openalex.org/C119599485","wikidata":"https://www.wikidata.org/wiki/Q43035","display_name":"Electrical engineering","level":1,"score":0.0}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.1109/tifs.2015.2512522","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tifs.2015.2512522","pdf_url":null,"source":{"id":"https://openalex.org/S61310614","display_name":"IEEE Transactions on Information Forensics and Security","issn_l":"1556-6013","issn":["1556-6013","1556-6021"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Information Forensics and Security","raw_type":"journal-article"},{"id":"pmh:oai:alma.61RMIT_INST:11247082360001341","is_oa":false,"landing_page_url":"http://doi.org/10.1109/TIFS.2015.2512522","pdf_url":null,"source":{"id":"https://openalex.org/S4306402074","display_name":"RMIT Research Repository (RMIT University Library)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I82951845","host_organization_name":"RMIT University","host_organization_lineage":["https://openalex.org/I82951845"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"text"},{"id":"pmh:oai:figshare.com:article/27485679","is_oa":true,"landing_page_url":null,"pdf_url":null,"source":{"id":"https://openalex.org/S4377196282","display_name":"Figshare","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I4210132348","host_organization_name":"Figshare (United Kingdom)","host_organization_lineage":["https://openalex.org/I4210132348"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Text"}],"best_oa_location":{"id":"pmh:oai:figshare.com:article/27485679","is_oa":true,"landing_page_url":null,"pdf_url":null,"source":{"id":"https://openalex.org/S4377196282","display_name":"Figshare","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I4210132348","host_organization_name":"Figshare (United Kingdom)","host_organization_lineage":["https://openalex.org/I4210132348"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Text"},"sustainable_development_goals":[{"display_name":"Industry, innovation and infrastructure","id":"https://metadata.un.org/sdg/9","score":0.6200000047683716}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":46,"referenced_works":["https://openalex.org/W38537450","https://openalex.org/W136405503","https://openalex.org/W1498047526","https://openalex.org/W1556344493","https://openalex.org/W1557652964","https://openalex.org/W1566114229","https://openalex.org/W1575476631","https://openalex.org/W1673310716","https://openalex.org/W1922425649","https://openalex.org/W1973155708","https://openalex.org/W1974853427","https://openalex.org/W1978514793","https://openalex.org/W1983931707","https://openalex.org/W2005468743","https://openalex.org/W2043356179","https://openalex.org/W2044220434","https://openalex.org/W2050439513","https://openalex.org/W2069285803","https://openalex.org/W2088698696","https://openalex.org/W2091236895","https://openalex.org/W2092891061","https://openalex.org/W2095897464","https://openalex.org/W2122217421","https://openalex.org/W2127064699","https://openalex.org/W2140902124","https://openalex.org/W2141050228","https://openalex.org/W2144182447","https://openalex.org/W2157665255","https://openalex.org/W2161592722","https://openalex.org/W2165847864","https://openalex.org/W2558639397","https://openalex.org/W3120740533","https://openalex.org/W4213009331","https://openalex.org/W4231029117","https://openalex.org/W4254182148","https://openalex.org/W6601553728","https://openalex.org/W6605541885","https://openalex.org/W6633228498","https://openalex.org/W6633857196","https://openalex.org/W6634394891","https://openalex.org/W6637131181","https://openalex.org/W6643496569","https://openalex.org/W6667864987","https://openalex.org/W6672803144","https://openalex.org/W6683235873","https://openalex.org/W6730268709"],"related_works":["https://openalex.org/W2184280487","https://openalex.org/W2265199518","https://openalex.org/W2215365983","https://openalex.org/W3037527366","https://openalex.org/W2309980522","https://openalex.org/W2187618570","https://openalex.org/W2184855233","https://openalex.org/W2198908836","https://openalex.org/W383057355","https://openalex.org/W4252573951"],"abstract_inverted_index":{"Supervisory":[0],"control":[1],"and":[2,22,34,40,63,74,117],"data":[3,150],"acquisition":[4],"(SCADA)":[5],"systems":[6,31,46],"have":[7,47,85],"become":[8],"a":[9,105,121],"salient":[10],"part":[11],"in":[12,167],"controlling":[13],"critical":[14,118,171],"infrastructures,":[15],"such":[16],"as":[17],"power":[18],"plants,":[19],"energy":[20],"grids,":[21],"water":[23],"distribution":[24],"systems.":[25],"In":[26,42],"the":[27,58,61,64,115,131,140,170,175,178],"past":[28],"decades,":[29],"these":[30],"were":[32],"isolated":[33],"use":[35],"proprietary":[36],"software,":[37,73],"operating":[38],"systems,":[39,52,82],"protocols.":[41],"recent":[43],"years,":[44],"SCADA":[45,81,98,179],"been":[48],"interfaced":[49],"with":[50],"enterprise":[51],"which":[53,112],"therefore":[54],"exposed":[55],"them":[56],"to":[57,96],"vulnerabilities":[59],"of":[60,109,120,139,154,165,177],"Internet":[62],"security":[65,68],"threats.":[66],"Traditional":[67],"solutions":[69],"(e.g.,":[70],"firewalls,":[71],"antivirus":[72],"intrusion":[75,93],"detection":[76,94,128],"systems)":[77],"cannot":[78],"fully":[79],"protect":[80],"because":[83],"they":[84],"different":[86],"requirements.":[87],"This":[88,101],"paper":[89],"presents":[90],"an":[91,162],"innovative":[92],"approach":[95,142],"detect":[97],"tailored":[99],"attacks.":[100],"is":[102,143],"based":[103],"on":[104,148],"data-driven":[106],"clustering":[107],"technique":[108],"process":[110,155],"parameters,":[111],"automatically":[113,168],"identifies":[114],"normal":[116],"states":[119,133],"given":[122],"system.":[123,180],"Later,":[124],"it":[125],"extracts":[126],"proximity-based":[127],"rules":[129],"from":[130],"identified":[132],"for":[134],"monitoring":[135,176],"purposes.":[136],"The":[137,158],"effectiveness":[138],"proposed":[141],"tested":[144],"by":[145],"conducting":[146],"experiments":[147],"eight":[149],"sets":[151],"that":[152],"consist":[153],"parameters'":[156],"values.":[157],"empirical":[159],"results":[160],"demonstrated":[161],"average":[163],"accuracy":[164],"98%":[166],"identifying":[169],"states,":[172],"while":[173],"facilitating":[174]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":5},{"year":2024,"cited_by_count":2},{"year":2023,"cited_by_count":9},{"year":2022,"cited_by_count":8},{"year":2021,"cited_by_count":16},{"year":2020,"cited_by_count":16},{"year":2019,"cited_by_count":17},{"year":2018,"cited_by_count":12},{"year":2017,"cited_by_count":9},{"year":2016,"cited_by_count":2}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}
