Stateful Intrusion Detection for IEC 60870-5-104 SCADA Security

Y. Yang, K. McLaughlin, S. Sezer, Y.B. Yuan, W. Huang

Research output: Chapter in Book/Report/Conference proceedingConference contribution

15 Citations (Scopus)
1974 Downloads (Pure)

Abstract

Cyber threats in Supervisory Control and Data Acquisition (SCADA) systems have the potential to render physical damage and jeopardize power system operation, safety and stability. SCADA systems were originally designed with little consideration of escalating cyber threats and hence the problem of how to develop robust intrusion detection technologies to tailor the requirements of SCADA is an emerging topic and a big challenge. This paper proposes a stateful Intrusion Detection System (IDS) using a Deep Packet Inspection (DPI) method to improve the cyber-security of SCADA systems using the IEC 60870-5-104 protocol which is tailored for basic telecontrol communications. The proposed stateful protocol analysis approach is presented that is designed specifically for the IEC 60870-5-104 protocol. Finally, the novel intrusion detection approach are implemented and validated.
Original languageEnglish
Title of host publication2014 IEEE PES General Meeting Conference & Exposition
Pages1-5
Number of pages5
DOIs
Publication statusPublished - 27 Jul 2014
EventIEEE Power & Energy Society General Meeting, 2014 (PES 14) - USA, Washington DC, United States
Duration: 27 Jul 201431 Jul 2014

Conference

ConferenceIEEE Power & Energy Society General Meeting, 2014 (PES 14)
CountryUnited States
CityWashington DC
Period27/07/201431/07/2014

Fingerprint Dive into the research topics of 'Stateful Intrusion Detection for IEC 60870-5-104 SCADA Security'. Together they form a unique fingerprint.

Cite this