A behavior-based intrusion detection technique for smart grid infrastructure

A smart grid is a fully automated electricity network, which monitors and controls all its physical environments of electricity infrastructure being able to supply energy in an efficient and reliable way. As the importance of cyber-physical system (CPS) security is growing, various intrusion detection algorithms to protect SCADA system and generation sector have been suggested, whereas there were less consideration on distribution sector. Thus, this paper first highlights the significance of CPS security, especially the availability as the most important factor in smart grid environment. Then this paper classifies various modern intrusion detection system (IDS) techniques for securing smart grid network. In our approach, we propose a novel behavior-based IDS for IEC 61850 protocol using both statistical analysis of traditional network features and specification-based metrics. Finally, we present the attack scenarios and detection methods applicable for IEC 61850-based digital substation in Korean environment.

[1]  Igor Nai Fovino,et al.  Modbus/DNP3 State-Based Intrusion Detection System , 2010, 2010 24th IEEE International Conference on Advanced Information Networking and Applications.

[2]  Taeshik Shon,et al.  Novel Approach for Detecting Network Anomalies for Substation Automation based on IEC 61850 , 2014, Multimedia Tools and Applications.

[3]  Jagath Samarabandu,et al.  An Intrusion Detection System for IEC61850 Automated Substations , 2010, IEEE Transactions on Power Delivery.

[4]  Venus W. Samawi,et al.  The affect of fuzzification on neural networks intrusion detection system , 2009, 2009 4th IEEE Conference on Industrial Electronics and Applications.

[5]  Igor Nai Fovino,et al.  A Multidimensional Critical State Analysis for Detecting Intrusions in SCADA Systems , 2011, IEEE Transactions on Industrial Informatics.

[6]  Carl Kriger,et al.  A Detailed Analysis of the GOOSE Message Structure in an IEC 61850 Standard-Based Substation Automation System , 2013, Int. J. Comput. Commun. Control.

[7]  Taekyoung Kwon,et al.  An Experimental Study of Hierarchical Intrusion Detection for Wireless Industrial Sensor Networks , 2010, IEEE Transactions on Industrial Informatics.

[8]  Ju,et al.  A Simulation Environment for Intrusion Detection System in IEC 61850 Based Substation Automation System , 2013 .

[9]  Stephen V. Stehman,et al.  Selecting and interpreting measures of thematic classification accuracy , 1997 .

[10]  Sang-Chan Park,et al.  DSS for computer security incident response applying CBR and collaborative response , 2010, Expert Syst. Appl..

[11]  K. McLaughlin,et al.  Multiattribute SCADA-Specific Intrusion Detection System for Power Networks , 2014, IEEE Transactions on Power Delivery.

[12]  D. Mah,et al.  Governing the transition of socio-technical systems: a case study of the development of smart grids in Korea , 2012 .

[13]  Ulf Lindqvist,et al.  Using Model-based Intrusion Detection for SCADA Networks , 2006 .