Title :
Rule-based intrusion detection system for SCADA networks
Author :
Yang, Yi ; McLaughlin, Keiran ; Littler, Tim ; Sezer, Sakir ; Wang, H.F.
Author_Institution :
Queen´s Univ. of Belfast, Belfast, UK
Abstract :
Increased interconnectivity of Supervisory Control and Data Acquisition (SCADA) systems in renewable power system networks can potentially mean greater susceptibility to malicious attackers. SCADA systems have inherent cyber vulnerabilities as these systems were originally designed with limited consideration of cyber attacks or threats. There is little published literature which rigorously considers SCADA-based Intrusion Detection System (IDS) using the IEC 608705-104 protocol. This paper presents a rule-based IDS for IEC 60870-5-104 driven SCADA networks using an in-depth protocol analysis and a Deep Packet Inspection (DPI) method. The proposed SCADA-IDS involving signature-based and model-based detection is exemplified using a protocol traffic case-study.
Keywords :
IEC standards; SCADA systems; security of data; DPI method; IEC 608705-104 protocol; SCADA networks; cyber attacks; cyber threats; cyber vulnerabilities; deep packet inspection method; malicious attackers; model-based detection; renewable power system networks; rule-based IDS; rule-based intrusion detection system; signature-based detection; supervisory control and data acquisition systems; Cyber-Security; IEC 60870-5-104; Intrusion Detection; SCADA;
Conference_Titel :
Renewable Power Generation Conference (RPG 2013), 2nd IET
Conference_Location :
Beijing
Electronic_ISBN :
978-1-84919-758-8
DOI :
10.1049/cp.2013.1729
