Sources used in this document:

Although all Internet threats are potentially dangerous, threats to SCADA systems are particularly terrifying because of the material consequences they can have to people and the environment. Infrastructure can be damaged and lives can be lost, thanks to the increased reliance upon controlling and monitoring infrastructures through technology. For example, an attack on a SCADA-run sewage plant in Canada caused 800,000 liters of raw sewage to be released into local parks and rivers, causing the death of local marine life as well as discoloring the water and generating a noxious stench that permeated the air. Other risks include impeding the ability of nuclear power plants to operate properly. In the wrong hands, it is easy to see how compromised network security of SCADAs could become a weapon of warfare or a weapon for terrorists as well as renegade hackers. "Such utilities are essential in the proper functioning of our daily life; therefore, their security and protection are extremely important as well as being of national concern."

Privacy protection of SCADA is thus essential. Privacy frameworks must be able to deal with multivariate data; they must be efficient and privacy-preserving data mining algorithms must perform well in terms of their computational cost. The data must be of high quality and able to be shared with others to improve the protection of privacy of SCADA nationally and world-wide. All must be able to guard against such attacks. Impingements of SCADA systems can have effects much larger than those upon a single nation, yet another argument for sharing optimized technology to protect their security. Finally the privacy-preserving data mining method should also prevent the discovery of sensitive information in published data.

Data security can be validated in a number of ways, one of which is the KDD99 method. A fairly old, well-tested and long-standing method that has existed since 1999, it is still the data set most commonly used for the evaluation of anomaly detection methods. The data training set can simulate a number of the most common types of attacks including a Denial of Service Attack (DoS), User to Root Attack (U2R), Remote to Local Attack (R2L) and a Probing Attack. KDD99 method is based on DARPA98, "about 4 gigabytes of compressed raw (binary) tcp- dump data of 7 weeks of network track which can be processed into about 5 million connection records, each with about 100 bytes. The two weeks of test data have around 2 million connection records. The KDD training data set consists of approximately 4,900,000 single connection vectors each of which contains 41 features and is labeled as either normal or an attack, with exactly one specific attack type."