Rule-Based Intrusion Detection System for SCADA Networks

Increased complexity and interconnectivity of Supervisory Control and Data Acquisition (SCADA) systems in Smart Grids potentially means greater susceptibility to malicious attackers. SCADA systems with legacy communication infrastructure have inherent cyber-security vulnerabilities as these systems were originally designed with little consideration of cyber threats. In order to improve cyber-security of SCADA networks, this paper presents a rule-based Intrusion Detection System (IDS) using a Deep Packet Inspection (DPI) method, which includes signature-based and model-based approaches tailored for SCADA systems. The proposed signature-based rules can accurately detect several known suspicious or malicious attacks. In addition, model-based detection is proposed as a complementary method to detect unknown attacks. Finally, proposed intrusion detection approaches for SCADA networks are implemented and verified using a ruled based method.

Intrusion Detection System for IEC 60870-5-104 Based SCADA Networks

Increased complexity and interconnectivity of Supervisory Control and Data Acquisition (SCADA) systems in Smart Grids potentially means greater susceptibility to malicious attackers. SCADA systems with legacy communication infrastructure have inherent cyber-security vulnerabilities as these systems were originally designed with little consideration of cyber threats. In order to improve cyber-security of SCADA networks, this paper presents a rule-based Intrusion Detection System (IDS) using a Deep Packet Inspection (DPI) method, which includes signature-based and model-based approaches tailored for SCADA systems. The proposed signature-based rules can accurately detect several known suspicious or malicious attacks. In addition, model-based detection is proposed as a complementary method to detect unknown attacks. Finally, proposed intrusion detection approaches for SCADA networks are implemented and verified via Snort rules.

Modelling of saline intrusion in marine outfalls

Since their introduction in the 1950s, marine outfalls with diffusers have been prone to saline intrusion, a process in which seawater ingresses into the outfall. This can greatly reduce the dilution and subsequent dispersion of wastewater discharged, sometimes resulting in serious deterioration of coastal water quality. Although long aware of the difficulties posed by saline intrusion, engineers still lack satisfactory methods for its prediction and robust design methods for its alleviation. However, with recent developments in numerical methods and computer power, it has been suggested that commercially available computational fluid dynamics (CFD) software may be a useful aid in combating this phenomenon by improving understanding through synthesising likely behaviour. This document reviews current knowledge on saline intrusion and its implications and then outlines a model-scale investigation of the process undertaken at Queen's University Belfast, using both physical and CFD methods. Results are presented for a simple outfall configuration, incorporating several outlets. The features observed agree with general observations from full-scale marine outfalls, and quantify the intricate internal flow mechanisms associated with saline intrusion. The two-dimensional numerical model was found to represent saline intrusion, but in a qualitative manner, not yet adequate for design purposes. Specific areas requiring further development were identified. The ultimate aim is to provide a reliable, practical and cost effective means by which engineers can minimise saline intrusion through optimised outfall design.

Statistical Monitoring of Dynamic Multivariate Processes: Part II: Identifying Fault Magnitude and Signature

This paper builds on work presented in the first paper, Part 1 [1] and is of equal significance. The paper proposes a novel compensation method to preserve the integrity of step-fault signatures prevalent in various processes that can be masked during the removal of both auto- and cross correlation. Using industrial data, the paper demonstrates the benefit of the proposed method, which is applicable to chemical, electrical, and mechanical process monitoring. This paper, (and Part 1 [1]), has led to further work supported by EPSRC grant GR/S84354/01 involving kernel PCA methods.