论文信息 - Semantic security analysis of SCADA networks to detect malicious control commands in power grids

Semantic security analysis of SCADA networks to detect malicious control commands in power grids

In the current generation of SCADA (Supervisory Control And Data Acquisition) systems used in power grids, a sophisticated attacker can exploit system vulnerabilities and use a legitimate maliciously crafted command to cause a wide range of system changes that traditional contingency analysis does not consider and remedial action schemes cannot handle. To detect such malicious commands, we propose a semantic analysis framework based on a distributed network of intrusion detection systems (IDSes). The framework combines system knowledge of both cyber and physical infrastructure in power grid to help IDS to estimate execution consequences of control commands, thus to reveal attacker's malicious intentions. We evaluated the approach on the IEEE 30-bus system. Our experiments demonstrate that: (i) by opening 3 transmission lines, an attacker can avoid detection by the traditional contingency analysis and instantly put the tested 30-bus system into an insecure state and (ii) the semantic analysis provides reliable detection of malicious commands with a small amount of analysis time.

[1] R. Gutman,et al. Analytical Development of Loadability Characteristics for EHV and UHV Transmission Lines , 1979, IEEE Transactions on Power Apparatus and Systems.

[2] A. Monticelli,et al. Electric power system state estimation , 2000, Proceedings of the IEEE.

[3] Anjan Bose,et al. A topology processor that tracks network modifications , 1988 .

[4] Hongbin Sun,et al. Transition to a Two-Level Linear State Estimator—Part I: Architecture , 2011, IEEE Transactions on Power Systems.

[5] Peng Ning,et al. False data injection attacks against state estimation in electric power grids , 2009, CCS.

[6] Ravishankar K. Iyer,et al. Adapting Bro into SCADA: building a specification-based intrusion detection system for the DNP3 protocol , 2013, CSIIRW '13.

[7] Sandip Roy,et al. Power System Extreme Event Detection: The Vulnerability Frontier , 2007, Proceedings of the 41st Annual Hawaii International Conference on System Sciences (HICSS 2008).

[8] Klara Nahrstedt,et al. Detecting False Data Injection Attacks on DC State Estimation , 2010 .

[9] Igor Nai Fovino,et al. State-Based Network Intrusion Detection Systems for SCADA Protocols: A Proof of Concept , 2009, CRITIS.

[10] R D Zimmerman,et al. MATPOWER: Steady-State Operations, Planning, and Analysis Tools for Power Systems Research and Education , 2011, IEEE Transactions on Power Systems.