YANG, Yi, MCLAUGHLIN, Kieran, LITTLER, Tim, SEZER, Sakir, PRANGGONO, Bernardi and WANG, Haifeng (2013). Intrusion Detection System for IEC 60870-5-104 Based SCADA Networks. In: 2013 IEEE Power & Energy Society General Meeting. IEEE, 1-5.Full text not available from this repository.
Increased complexity and interconnectivity of Supervisory Control and Data Acquisition (SCADA) systems in Smart Grids potentially means greater susceptibility to malicious attackers. SCADA systems with legacy communication infrastructure have inherent cyber-security vulnerabilities as these systems were originally designed with little consideration of cyber threats. In order to improve cybersecurity of SCADA networks, this paper presents a rule-based Intrusion Detection System (IDS) using a Deep Packet Inspection (DPI) method, which includes signature-based and model-based approaches tailored for SCADA systems. The proposed signature-based rules can accurately detect several known suspicious or malicious attacks. In addition, model-based detection is proposed as a complementary method to detect unknown attacks. Finally, proposed intrusion detection approaches for SCADA networks are implemented and verified via Snort rules.
|Item Type:||Book Section|
|Additional Information:||Proceedings of a meeting held 21-25 July 2013, Vancouver, British Columbia, Canada.|
|Research Institute, Centre or Group:||Cultural Communication and Computing Research Institute > Communication and Computing Research Centre|
|Depositing User:||Bernardi Pranggono|
|Date Deposited:||17 Feb 2016 14:33|
|Last Modified:||17 Feb 2016 15:43|
Actions (login required)
Downloads per month over past year