Stateful Intrusion Detection for IEC 60870-5-104 SCADA Security

Y. Yang, K. McLaughlin, S. Sezer, Y.B. Yuan, W. Huang

Research output: Chapter in Book/Report/Conference proceedingConference contribution

19 Citations (Scopus)
2342 Downloads (Pure)


Cyber threats in Supervisory Control and Data Acquisition (SCADA) systems have the potential to render physical damage and jeopardize power system operation, safety and stability. SCADA systems were originally designed with little consideration of escalating cyber threats and hence the problem of how to develop robust intrusion detection technologies to tailor the requirements of SCADA is an emerging topic and a big challenge. This paper proposes a stateful Intrusion Detection System (IDS) using a Deep Packet Inspection (DPI) method to improve the cyber-security of SCADA systems using the IEC 60870-5-104 protocol which is tailored for basic telecontrol communications. The proposed stateful protocol analysis approach is presented that is designed specifically for the IEC 60870-5-104 protocol. Finally, the novel intrusion detection approach are implemented and validated.
Original languageEnglish
Title of host publication2014 IEEE PES General Meeting Conference & Exposition
Number of pages5
Publication statusPublished - 27 Jul 2014
EventIEEE Power & Energy Society General Meeting, 2014 (PES 14) - USA, Washington DC, United States
Duration: 27 Jul 201431 Jul 2014


ConferenceIEEE Power & Energy Society General Meeting, 2014 (PES 14)
Country/TerritoryUnited States
CityWashington DC


Dive into the research topics of 'Stateful Intrusion Detection for IEC 60870-5-104 SCADA Security'. Together they form a unique fingerprint.

Cite this