A cyber-physical model for SCADA system and its intrusion detection

2020 ◽  
pp. 107677
Author(s):  
Chuan Sheng ◽  
Yu Yao ◽  
Qiang Fu ◽  
Wei Yang
Keyword(s):  
Intrusion Detection ◽  
Physical Model ◽  
Scada System

scholarly journals An Autoencoder-Based Network Intrusion Detection System for the SCADA System

2021 ◽  
pp. 210-216
Author(s):  
Mustafa Altaha ◽  
◽  
Jae-Myeong Lee ◽  
Muhammad Aslam ◽  
Sugwon Hong
Keyword(s):  
Deep Learning ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Communication Protocol ◽  
Detection System ◽  
Main Tool ◽  
Detection Model ◽  
Scada System ◽  
Network Intrusion ◽  
Power Substation

The intrusion detection system (IDS) is the main tool to do security monitoring that is one of the security strategies for the supervisory control and data acquisition (SCADA) system. In this paper, we develop an IDS based on the autoencoder deep learning model (AE-IDS) for the SCADA system. The target SCADA communication protocol of the detection model is the Distributed Network Protocol 3 (DNP3), which is currently the most commonly utilized communication protocol in the power substation. Cyberattacks that we consider are data injection or modification attacks, which are the most critical attacks in the SCADA systems. In this paper, we extracted 17 data features from DNP3 communication, and use them to train the autoencoder network. We measure accuracy and loss of detection and compare them with different supervised deep learning algorithms. The unsupervised AE-IDS model shows better performance than the other deep learning IDS models.

scholarly journals Cyber-Physical Integrated Intrusion Detection Scheme in SCADA System of Process Manufacturing Industry

IEEE Access ◽  
2020 ◽  
Vol 8 ◽  
pp. 147471-147481 ◽  
Author(s):  
Junlei Qian ◽  
Xueqiang Du ◽  
Bo Chen ◽  
Bin Qu ◽  
Kai Zeng ◽  
...  
Keyword(s):  
Intrusion Detection ◽  
Manufacturing Industry ◽  
Detection Scheme ◽  
Scada System ◽  
Process Manufacturing

scholarly journals Physical-Model-Checking to Detect Switching-Related Attacks in Power Systems

Sensors ◽  
2018 ◽  
Vol 18 (8) ◽  
pp. 2478 ◽  
Author(s):  
Mohamad El Hariri ◽  
Samy Faddel ◽  
Osama Mohammed
Keyword(s):  
Model Checking ◽  
Intrusion Detection ◽  
Power Systems ◽  
Power System ◽  
Physical Model ◽  
Network Architecture ◽  
Load Flow ◽  
Rule Based ◽  
Network Intrusion ◽  
Public Disclosures

Recent public disclosures on attacks targeting the power industry showed that savvy attackers are now capable of occulting themselves from conventional rule-based network intrusion detection systems (IDS), bringing about serious threats. In order to leverage the work of rule-based IDS, this paper presents an artificially intelligent physical-model-checking intrusion detection framework capable of detecting tampered-with control commands from control centers of power grids. Unlike the work presented in the literature, the work in this paper utilizes artificial intelligence (AI) to learn the load flow characteristics of the power system and benefits from the fast responses of the AI to decode and understand contents of network packets. The output of the AI is processed through an expert system to verify that incoming control commands do not violate the physical system operational constraints and do not put the power system in an insecure state. The proposed content-aware IDS is tested in simulation on a 14-bus IEEE benchmark system. Experimental verification on a small power system, with an IEC 61850 network architecture is also carried out. The results showed the accuracy of the proposed framework in successfully detecting malicious and/or erroneous control commands.

scholarly journals Design of Intrusion Detection and Prevention in SCADA System for the Detection of Bias Injection Attacks

2019 ◽  
Vol 2019 ◽  
pp. 1-12 ◽  
Author(s):  
R. B. Benisha ◽  
S. Raja Ratna
Keyword(s):  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
False Negative ◽  
Grey Wolf Optimization ◽  
Injection Attacks ◽  
Scada System ◽  
Prevention System ◽  
Learning Machine ◽  
Intrusion Detection And Prevention

Intrusion detection and prevention system detects malicious activities that occur in the real-time SCADA systems. This system has a problem without a profound solution. The challenge of the existing intrusion detection is accuracy in the process of detecting the anomalies. In SCADA, wind turbine data are modified by the intruders and forged details are given to the server. To overcome this, the biased intrusion detection system is used for detecting the intrusion with encrypted date, time, and file location with less false-positive and false-negative rates and thereby preventing the SCADA system from further intrusion. It is done in three phases. First, Modified Grey Wolf Optimization (MGWO) is used to extract the features needed for classification and to find the best weight. Second, Entropy-based Extreme Learning Machine (EELM) is used to extort the features and detect the intruded data with its intruded time, file location, and date. Finally, the data are encrypted using the Hybrid Elliptical Curve Cryptography (HECC) to prevent further attack. Experimental results show better accuracy in both detection as well as prevention.

scholarly journals Exploiting Bro for Intrusion Detection in a SCADA System

2016 ◽  
Author(s):  
Robert Udd ◽  
Mikael Asplund ◽  
Simin Nadjm-Tehrani ◽  
Mehrdad Kazemtabrizi ◽  
Mathias Ekstedt
Keyword(s):  
Intrusion Detection ◽  
Scada System
Sign in / Sign up

Export Citation Format

Share Document