Rule-Based Intrusion Detection System for SCADA Networks

Research output: Chapter in Book/Report/Conference proceedingConference contribution

42 Citations (Scopus)


Increased complexity and interconnectivity of Supervisory Control and Data Acquisition (SCADA) systems in Smart Grids potentially means greater susceptibility to malicious attackers. SCADA systems with legacy communication infrastructure have inherent cyber-security vulnerabilities as these systems were originally designed with little consideration of cyber threats. In order to improve cyber-security of SCADA networks, this paper presents a rule-based Intrusion Detection System (IDS) using a Deep Packet Inspection (DPI) method, which includes signature-based and model-based approaches tailored for SCADA systems. The proposed signature-based rules can accurately detect several known suspicious or malicious attacks. In addition, model-based detection is proposed as a complementary method to detect unknown attacks. Finally, proposed intrusion detection approaches for SCADA networks are implemented and verified using a ruled based method.
Original languageEnglish
Title of host publicationProceeding of the 2nd IET International Conference in Renewable Power Generation (RPG2013)
Edition623 CP
Publication statusPublished - Sept 2013


  • Smart Grid; SCADA; Cyber-security; Intrusion detection

ASJC Scopus subject areas

  • Electrical and Electronic Engineering


Dive into the research topics of 'Rule-Based Intrusion Detection System for SCADA Networks'. Together they form a unique fingerprint.

Cite this