skip to main content
OSTI.GOV title logo U.S. Department of Energy
Office of Scientific and Technical Information

Title: Security Evaluation of Two Intrusion Detection Systems in Smart Grid SCADA Environment

Conference · · 2018 North American Power Symposium (NAPS)
ORCiD logo [1];  [1]; ORCiD logo [1]
  1. Iowa State Univ., Ames, IA (United States)
+ Show Author Affiliations

The increased complexity and interconnectivity of SCADA infrastructure in the power system have exposed it to the multitude of vulnerabilities. There is a growing emphasis towards developing an efficient intrusion detection system (IDS) to strengthen the security of the SCADA control system. This is a research-in-progress paper which presents the application of two anomaly-based intrusion detection systems (AIDS) in detecting the stealthy cyber-attack on the SCADA control system. We have applied the IDS tools Snort and Bro, in designing the IDS and later, compared their performances in terms of detection rate and latency in the alert packets with a motive of selecting better IDS for the SCADA security. Specifically, the timing-based rule is applied to identify the malicious packets based on the high temporal frequency in the network traffic. For the case study, we have implemented the SCADA based protection scheme which performs an autonomous protection to mitigate the system disturbances. We first implemented the stealthy cyber-attack which compromised the SCADA controller followed by data integrity attack on the system generator. Next, we perform the impact analysis during the attack followed by performance evaluation of IDS tools. Our experimental results show that the IDS tools are efficient in detecting cyber-attacks within an acceptable time frame for different sizes of network packets.

Research Organization:
Iowa State Univ., Ames, IA (United States)
Sponsoring Organization:
USDOE Office of Cybersecurity, Energy Security, and Emergency Response (CESER)
Contributing Organization:
Iowa State University
DOE Contract Number:
OE0000830
OSTI ID:
1985687
Report Number(s):
DOE-ISU-0000830-15
Journal Information:
2018 North American Power Symposium (NAPS), Conference: 2018 North American Power Symposium (NAPS)
Country of Publication:
United States
Language:
English

References (11)

Neural Network based Intrusion Detection System for critical infrastructures conference June 2009
On SCADA control system command and response injection and intrusion detection conference January 2010
Multiattribute SCADA-Specific Intrusion Detection System for Power Networks journal June 2014
SCADA Intrusion Detection System based on temporal behavior of frequent patterns conference April 2014
Behavior rule based intrusion detection conference December 2009
Comparative study and analysis of network intrusion detection tools conference October 2015
A survey SCADA of and critical infrastructure incidents conference January 2012
Cyber-Physical Security Testbeds: Architecture, Application, and Evaluation for Smart Grid journal June 2013
Security of SCADA systems against cyber–physical attacks journal May 2017
Wide-area SCADA system with distributed security framework journal December 2012
Stealthy cyber attacks and impact analysis on wide-area protection of smart grid conference September 2016

Similar Records

Distributed Intrusion Detection System using Semantic-based Rules for SCADA in Smart Grid
Conference · Mon Oct 12 00:00:00 EDT 2020 · 2020 IEEE/PES Transmission and Distribution Conference and Exposition (T&D) · OSTI ID:1985687
Testbed-based Evaluation of SIEM Tool for Cyber Kill Chain Model in Power Grid SCADA System
Conference · Tue Oct 01 00:00:00 EDT 2019 · 2019 North American Power Symposium (NAPS) · OSTI ID:1985687
HIDES: Hybrid Intrusion Detector for Energy Systems
Conference · Thu Mar 19 00:00:00 EDT 2020 · OSTI ID:1985687
+1 more

Related Subjects

24 POWER TRANSMISSION AND DISTRIBUTION
Smart Grid
Intrusion Detection System
Testbeds
Security Evaluation