OSCIDS: An Ontology based SCADA Intrusion Detection Framework

Abdullah Al Balushi, Kieran McLaughlin, Sakir Sezer

Research output: Chapter in Book/Report/Conference proceedingConference contribution

1 Citation (Scopus)
344 Downloads (Pure)


This paper presents the design, development, and validation of an ontology based SCADA intrusion detection system. The proposed system analyses SCADA network communications and can derive additional information based on the background knowledge and ontology models to enhance the intrusion detection data. The developed intrusion model captures network communications, cyber attacks and the context within the SCADA domain. Moreover, a set of semantic rules were constructed to detect various attacks and extract logical relationships among these attacks. The presented framework was extensively evaluated and a comparison to the state of the art is provided.
Original languageEnglish
Title of host publicationProceedings of the 13th International Joint Conference on e-Business and Telecommunications
Number of pages9
Volume4: SECRYPT
ISBN (Electronic)978-989-758-196-0
Publication statusPublished - 01 Jul 2016
Event13th International Conference on Security and Cryptography (SECRYPT) - Lisbon, Portugal
Duration: 26 Jul 201629 Jul 2016
Conference number: 13


Conference13th International Conference on Security and Cryptography (SECRYPT)
Abbreviated titleSECRYPT
Internet address


  • Semantics
  • Ontology
  • industrial control system
  • Security
  • Attacks
  • modelling
  • knowledge and context

Fingerprint Dive into the research topics of 'OSCIDS: An Ontology based SCADA Intrusion Detection Framework'. Together they form a unique fingerprint.

Cite this