Agile Intrusion Recognition Scheme using Federated Learning for SCADA Systems
Abstract
Supervisory Control and Data Acquisition (SCADA) systems provide itinerary assimilation of industrial hardware and software for remote handling and control. Such systems are vulnerable to intrusions that seize legitimate device control for adversarial purposes. To handle such intrusions, an Agile Intrusion Recognition Scheme (AIRS) is presented in this article. This scheme is designed to identify and mitigate layered attacks in SCADA systems. The entry and control points of intrusions in the system layers are identified using data logs accumulated at the end of disseminated controls. These logs are analyzed using federated learning at different layer synchronization points. If synchronization fails, the entry that caused the change is marked as an intrusion. Federated learning is responsible for validating the synchronous points between control broadcasting and data acquisition intervals. A synchronization failure in the least intervals is reverted with new control and entry points. This process is optimal for detecting random and frequent intrusions in any control interval of SCADA systems.