Intrusion Detection System for IEC 60870-5-104 Based SCADA Networks
| Data(s) |
01/07/2013
|
|---|---|
| Resumo |
Increased complexity and interconnectivity of Supervisory Control and Data Acquisition (SCADA) systems in Smart Grids potentially means greater susceptibility to malicious attackers. SCADA systems with legacy communication infrastructure have inherent cyber-security vulnerabilities as these systems were originally designed with little consideration of cyber threats. In order to improve cyber-security of SCADA networks, this paper presents a rule-based Intrusion Detection System (IDS) using a Deep Packet Inspection (DPI) method, which includes signature-based and model-based approaches tailored for SCADA systems. The proposed signature-based rules can accurately detect several known suspicious or malicious attacks. In addition, model-based detection is proposed as a complementary method to detect unknown attacks. Finally, proposed intrusion detection approaches for SCADA networks are implemented and verified via Snort rules. |
| Identificador | |
| Idioma(s) |
eng |
| Direitos |
info:eu-repo/semantics/restrictedAccess |
| Fonte |
Yang , Y , McLaughlin , K , Littler , T , Sezer , S , Pranggono , B & Wang , H 2013 , Intrusion Detection System for IEC 60870-5-104 Based SCADA Networks . in Proceedings of the IEEE Power & Energy Society General Meeting (PESGM 2013) . |
| Palavras-Chave | #/dk/atira/pure/subjectarea/asjc/2100/2102 #Energy Engineering and Power Technology #/dk/atira/pure/subjectarea/asjc/2100/2104 #Nuclear Energy and Engineering #/dk/atira/pure/subjectarea/asjc/2100/2105 #Renewable Energy, Sustainability and the Environment #/dk/atira/pure/subjectarea/asjc/2200/2208 #Electrical and Electronic Engineering |
| Tipo |
contributionToPeriodical |
