Intrusion Detection System for IEC 60870-5-104 Based SCADA Networks

YANG, Yi, MCLAUGHLIN, Kieran, LITTLER, Tim, SEZER, Sakir, PRANGGONO, Bernardi and WANG, Haifeng (2013). Intrusion Detection System for IEC 60870-5-104 Based SCADA Networks. In: 2013 IEEE Power & Energy Society General Meeting. IEEE, 1-5.

Full text not available from this repository.
Link to published version:: 10.1109/PESMG.2013.6672100

Abstract

Increased complexity and interconnectivity of Supervisory Control and Data Acquisition (SCADA) systems in Smart Grids potentially means greater susceptibility to malicious attackers. SCADA systems with legacy communication infrastructure have inherent cyber-security vulnerabilities as these systems were originally designed with little consideration of cyber threats. In order to improve cybersecurity of SCADA networks, this paper presents a rule-based Intrusion Detection System (IDS) using a Deep Packet Inspection (DPI) method, which includes signature-based and model-based approaches tailored for SCADA systems. The proposed signature-based rules can accurately detect several known suspicious or malicious attacks. In addition, model-based detection is proposed as a complementary method to detect unknown attacks. Finally, proposed intrusion detection approaches for SCADA networks are implemented and verified via Snort rules.

Item Type: Book Section
Additional Information: Proceedings of a meeting held 21-25 July 2013, Vancouver, British Columbia, Canada.
Research Institute, Centre or Group: Cultural Communication and Computing Research Institute > Communication and Computing Research Centre
Identification Number: 10.1109/PESMG.2013.6672100
Depositing User: Bernardi Pranggono
Date Deposited: 17 Feb 2016 14:33
Last Modified: 17 Feb 2016 15:43
URI: http://shura.shu.ac.uk/id/eprint/11125

Actions (login required)

View Item View Item

Downloads

Downloads per month over past year

View more statistics